www.ilovexs.com Open in urlscan Pro
2606:4700:3030::ac43:8601 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ilovexs.com/
Submission: On January 03 via manual (January 3rd 2022, 2:16:47 pm UTC) from KR — Scanned from DE

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 34 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3030::ac43:8601, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ilovexs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time www.ilovexs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::ac43:8601	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:3ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:303... 2606:4700:3035::6815:5c33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3033::6815:3d17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:4066	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
8	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	95.211.229.248 95.211.229.248	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a02:3d0:623:... 2a02:3d0:623:a000::8	22822 (LLNW) (LLNW)
3	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
2 2	2a01:4f8:c0:3... 2a01:4f8:c0:33d8::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:52... 2a02:128:7:5242::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
3	2606:4700:303... 2606:4700:3033::ac43:b8ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:128:7:47... 2a02:128:7:4777::1	50245 (SERVEREL-AS) (SERVEREL-AS)
1	88.198.204.168 88.198.204.168	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:e::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:128:7:47... 2a02:128:7:4727::3	() ()
116	28

8 2606:4700:3030::ac43:8601 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ilovexs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

raion.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3035::6815:5c33 (United States)

ASN13335 (CLOUDFLARENET, US)

tokage.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::6815:3d17 (United States)

ASN13335 (CLOUDFLARENET, US)

niwatori.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:4066 (United States)

ASN13335 (CLOUDFLARENET, US)

nezumi.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3b927b608b.583d46135c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.natsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.248 (Leidschendam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net

syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:3d0:623:a000::8 (United States)

ASN22822 (LLNW, US)

s3t3d2y7.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:c0:33d8::1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5242::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:b8ea (United States)

ASN13335 (CLOUDFLARENET, US)

stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:e0:19cb::1 (Germany)

ASN24940 (HETZNER-AS, DE)

ntvpinp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:4777::1 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)

vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.204.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-204-168.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:e::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5edn6r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4727::3 (None, )

ASN- ()

vs.javcosplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	tokage.my.id tokage.my.id	2 MB
17	youtube.com www.youtube.com	752 KB
10	googlevideo.com rr2---sn-4g5edn6r.googlevideo.com	433 KB
8	blogspot.com 1.bp.blogspot.com 3.bp.blogspot.com	865 KB
8	niwatori.my.id niwatori.my.id	654 KB
8	ilovexs.com www.ilovexs.com	64 KB
5	bantgoau.com stream.bantgoau.com vs.bantgoau.com	673 KB
4	realsrv.com a.realsrv.com syndication.realsrv.com	7 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	ackcdn.net s3t3d2y7.ackcdn.net	103 KB
2	google.com www.google.com	14 KB
2	rtbbnr.com 2 redirects rtbbnr.com	2 KB
2	wpushsdk.com js.wpushsdk.com	28 KB
2	wpshsdk.com js.wpshsdk.com	21 KB
2	wpadmngr.com js.wpadmngr.com	29 KB
2	nezumi.my.id nezumi.my.id	251 KB
2	raion.my.id raion.my.id	171 KB
1	javcosplay.com vs.javcosplay.com	237 B
1	ggpht.com yt3.ggpht.com	2 KB
1	tubecup.net notification.tubecup.net	193 B
1	googleusercontent.com lh3.googleusercontent.com	39 KB
1	ntvpinp.com ntvpinp.com	2 KB
1	nereserv.com nereserv.com	193 B
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site	677 B
1	zog.link 1 redirects tcimp.zog.link	308 B
1	cabnnr.com js.cabnnr.com	10 KB
1	natsdk.com js.natsdk.com	14 KB
1	583d46135c.com 3b927b608b.583d46135c.com	199 B
1	nawpush.com na.nawpush.com	1 KB
1	google-analytics.com www.google-analytics.com	347 B
1	googletagmanager.com www.googletagmanager.com	61 KB
1	cstwpush.com cst.cstwpush.com	598 B
0	bookmsg.com Failed static.bookmsg.com Failed
116	34

	Domain	Requested by
18	tokage.my.id	www.ilovexs.com
17	www.youtube.com	www.google.com www.youtube.com
10	rr2---sn-4g5edn6r.googlevideo.com	www.youtube.com
8	niwatori.my.id	www.ilovexs.com
8	www.ilovexs.com	www.ilovexs.com
7	1.bp.blogspot.com	www.ilovexs.com
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
3	s3t3d2y7.ackcdn.net	syndication.realsrv.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	stream.bantgoau.com www.youtube.com
2	vs.bantgoau.com	stream.bantgoau.com
2	rtbbnr.com	2 redirects
2	js.wpushsdk.com	js.wpadmngr.com
2	js.wpshsdk.com	js.wpadmngr.com js.wpshsdk.com
2	syndication.realsrv.com	a.realsrv.com www.ilovexs.com
2	js.wpadmngr.com	cst.cstwpush.com js.wpadmngr.com
2	a.realsrv.com	www.ilovexs.com
2	nezumi.my.id	www.ilovexs.com
2	raion.my.id	www.ilovexs.com
1	vs.javcosplay.com	stream.bantgoau.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	notification.tubecup.net
1	lh3.googleusercontent.com	stream.bantgoau.com
1	ntvpinp.com	js.wpushsdk.com
1	nereserv.com	js.wpushsdk.com
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	js.cabnnr.com	js.wpadmngr.com
1	js.natsdk.com	js.wpadmngr.com
1	3b927b608b.583d46135c.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ilovexs.com
1	cst.cstwpush.com	www.ilovexs.com
1	3.bp.blogspot.com	www.ilovexs.com
0	static.bookmsg.com Failed
116	39

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
*.raion.my.id R3	`2021-12-19` - `2022-03-19`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
realsrv.com R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
cst.cstwpush.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
js.wpadmngr.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
ackcdn.net R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
na.nawpush.com R3	`2021-12-12` - `2022-03-12`	3 months	crt.sh
3b927b608b.583d46135c.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
js.natsdk.com R3	`2021-11-28` - `2022-02-26`	3 months	crt.sh
js.wpshsdk.com R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
js.wpushsdk.com R3	`2021-11-18` - `2022-02-16`	3 months	crt.sh
js.cabnnr.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
notification.tubecup.net R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
vs.bantgoau.com R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-30` - `2022-02-08`	2 months	crt.sh
vs.javcosplay.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.ilovexs.com/
Frame ID: 535D81FE7E94499D902E56F408DD7499
Requests: 65 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4270810&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403570&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Frame ID: 21D720529B5D4C45AB892E69ADAB25AF
Requests: 2 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4214752&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403573&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: FBD4B3D32621C2FEA61C8768454594B6
Requests: 1 HTTP requests in this frame

Frame: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4214752&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403573&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: C76C9FEFB931CFADC1004F8CAA03AC8D
Requests: 2 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
Frame ID: F7004F202AC7F4C8A07B1EF3CFE21C1C
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/bundle10.js
Frame ID: 5904B472B94B878C1A1D88C077D09C37
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: A4718104AFE0C8E55260313C32C185CA
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: 7F73526FBAF787634F23CFDD2A3DB3BA
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NongMo.Zone

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

95 %
HTTPS

83 %
IPv6

34
Domains

39
Subdomains

28
IPs

4
Countries

5844 kB
Transfer

9568 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNDI4MzQzNjQ5IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTE0MTJ9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjExNDEyIiwicGFnZSI6Imh0dHBzOi8vd3d3Lmlsb3ZleHMuY29tLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI3NWY2N2QwMjBhNmMyYzQ1NjFkMWNhNDY3MDM0NWIwYSJ9LCJleHQiOnsiZHQiOjE2NDEyMTk0MDM3OTR9fQ== HTTP 302
https://rtbbnr.com/banner/in/show/?mid=987596396&pid=0&site=11412&sc=DE&usage_type=DCH&subid=428343649&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.ilovexs.com&hostname=auc-banner-hz-4&site_id=0&spot_id=11412&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:36:6:207::1&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3Df6RpCUsIoy05uINtxm8bTSReIJdvA1fC2nlglZsBnP9HDAFzwBxa_AjZ_iDdR8vO3iMB0cQVg8edW7UQBWGJuvmtsD4On5WLmhhursvMtAYSoowU0Bum8R0VVoJCo2bkJmZo4x2TeYowgbInPINsKUnz-DmvXDla-vZx1PNc6iPf_m1SAFD8BwyRvAbBZlxYwou3s60FMSy_yUwU1I26v-SyopmjRYQ0B-6oQa8xQcWMhIqH8eaa7mLiMWSEH-UZwoFpNgrbObVAYoPwvFUy2Fl3v7F51upcCjbq-75JwHmOdL1zgGVsXo-0MYS_CR3O5cwNGchWi_RdfYE-S4WEHu2RQ4bAnQQZSlw5AOv90Yd0ZwfKDmkhQBbtgpkNgqpmkOYOpAdoAQHQ1tCSjwf-k-fKO6vCrQ43z1melIOPFzrDQIZjeUDgkCZ3lXTt_d1var7dkm5_oOCzbVY HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=f6RpCUsIoy05uINtxm8bTSReIJdvA1fC2nlglZsBnP9HDAFzwBxa_AjZ_iDdR8vO3iMB0cQVg8edW7UQBWGJuvmtsD4On5WLmhhursvMtAYSoowU0Bum8R0VVoJCo2bkJmZo4x2TeYowgbInPINsKUnz-DmvXDla-vZx1PNc6iPf_m1SAFD8BwyRvAbBZlxYwou3s60FMSy_yUwU1I26v-SyopmjRYQ0B-6oQa8xQcWMhIqH8eaa7mLiMWSEH-UZwoFpNgrbObVAYoPwvFUy2Fl3v7F51upcCjbq-75JwHmOdL1zgGVsXo-0MYS_CR3O5cwNGchWi_RdfYE-S4WEHu2RQ4bAnQQZSlw5AOv90Yd0ZwfKDmkhQBbtgpkNgqpmkOYOpAdoAQHQ1tCSjwf-k-fKO6vCrQ43z1melIOPFzrDQIZjeUDgkCZ3lXTt_d1var7dkm5_oOCzbVY HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.042350&katds_labels=&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14

Request Chain 93

https://puwpush.com/popunder/in/show/?mid=1931268693&pid=0&site=native-push&sc=DE&usage_type=DCH&subid=1504098403&sid=411500999&cid=10289&price=0&is_cpm=1&cpm=1.9&ecpm=1.9&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=0&ver=5.1.0&ver_c=&refdom=www.ilovexs.com&hostname=auc-inpage-hz-0-a&site_id=315152&spot_id=5152&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-01-03&is_native=3&auction_queue=0&burl=&pop_winurl=&ip=194.36.108.19&testab=0&px_id=315152&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=&pop_type=1&space_id=1546&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FDE%2FDE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp&format=default-slide-t_l-body&mlf=1&cpa=5352a95a-2913-4692-b5ad-a92d67375603 HTTP 302
https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp

Request Chain 101

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

116 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ilovexs.com/ 52 KB
6 KB 859ms
638ms Document
text/html 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad5c058a7c9b97cbc35da4f3c2fd1e2ea6f2e91a3be7c816c55139798710098f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
content-type: text/html;charset=UTF-8
content-language: de-DE
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vW5xgqRVF4ngG8dxbdlEfCUCmTgB8aAGzsjZxqjNVRx49K%2FoBKMJVS%2BfKdCxsXVi6vCW8rPIqxkz0HL6CIzuLb9dsvH3LE6fd4Zz8EIgAb3a6dwfEMbl9yiErLfF4grJwogYU3g%2FxefeM%2FxwhJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c7cd8a85aadd608-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 marjoram.css
www.ilovexs.com/css/ 52 KB
12 KB 643ms
642ms Stylesheet
text/css 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/css/marjoram.css
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aee5c312b941cf8a2d5f20872d8bd2c578bf878a891a306e33e1236696b5241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
cf-polished: origSize=83688
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THbj6guSjxtppUEupjwUuf6VarAYVGCS86S3B1ONMYstqwkjHyfPepl%2FMGwYt%2Bx9mSZ2KpgC%2ByjnLLU307SXUF%2BIjv9Dxtdl7MDMg9EhwSnJxlPeR3TjdlAD0fXYInKZKhafAvzrSJ0ZMGdwEVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c7cd8ac795dd608-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 0000.webp
raion.my.id/wp-content/uploads/2022/01/ 71 KB
72 KB 146ms
37ms Image
image/webp 2606:4700:3033::6815:3ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raion.my.id/wp-content/uploads/2022/01/0000.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f131980d99a7cc28d60391193165954279b9baebbfde79840227bbb4924adf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3024
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72706
last-modified: Sat, 01 Jan 2022 20:52:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29lAaaHbyPAg03FBDPWoX6gq%2FZ98PjOyd8zi%2Fq%2FuB5iVgZZ2xerCFeZ43Jqw2C9GX23jDlrYeL5r78Qz2hRcQGkmNQzH3zVDCftghrR3P5lBKYlbMVhWszUiXmKKVRTjlWCfafC3d5tOkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8ad2e2cd618-MXP
expires: Tue, 03 Jan 2023 17:01:24 GMT

GET
H2 200 0000-25.webp
tokage.my.id/wp-content/uploads/2022/01/ 71 KB
71 KB 259ms
204ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-25.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30cb35fc6319e0ee5c12b6d21633c665cfc4158dbbfaf80793bcb02ef4cb65d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72746
last-modified: Sat, 01 Jan 2022 20:49:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewsK9QnxCGHhCnN307SvOPhZmz3YXwqVXS%2BPrkn3DKuv1pJi%2FutMnxF2CxsHXRkWI5LKU%2BSU51NK%2B8W2I6TPAItFdw0dcrgf3zE2ds7cwjJKXwM%2BVBJ3vgOngo%2FHcAYWfG%2FLdw3MYivxeds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8acce810e16-MXP
expires: Tue, 03 Jan 2023 17:02:58 GMT

GET
H2 200 0000-19.webp
tokage.my.id/wp-content/uploads/2022/01/ 105 KB
106 KB 246ms
191ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-19.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71d5ee5062c78a1db5f09e83aae801f61f58843e0c67efc4a8719249cf10c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107820
last-modified: Sat, 01 Jan 2022 20:29:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1F6ZI02TRX8YFxCOeKc4cGz%2FmmPTTWOatXx6AohCU9Tdw7Ix%2Fu4apdP40746c11K5iROvMBheWLBTlalGvR1xKkgEZQxpvp%2BJww5SDbbtPwiEZlswiOPD707aBy%2B9DMdjhZJOcS9tYm01t8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8acce870e16-MXP
expires: Tue, 03 Jan 2023 17:03:47 GMT

GET
H2 200 000.webp
tokage.my.id/wp-content/uploads/2022/01/ 101 KB
102 KB 99ms
44ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/000.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d10d83d7e75374b6257d6524971ea17e83a232342b8dad9d357c2df14d41869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 103404
last-modified: Sat, 01 Jan 2022 18:11:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMhSEP3dUp3C9oWFRH9GTMRVtrpJM88qZaiEXYaOxMPYplINqbpvGMkY7XIMjpcIxz6LMSGP2sVPWoVsfzbWwxAP4SN5r0GHoFp2323Dcnodjd0vKTVLDh1AAmpnci9gz6Q4hKUrsu04Rk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8acce880e16-MXP
expires: Tue, 03 Jan 2023 15:01:17 GMT

GET
H3 200 00000000-5.webp
tokage.my.id/wp-content/uploads/2021/12/ 90 KB
90 KB 70ms
52ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/00000000-5.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30cff157018c1a44b2f9f4328429133294027545e642a6e06dcefd28e5ad236

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91826
last-modified: Sat, 25 Dec 2021 04:56:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JG25LUyrHgnxzqoDrxtHtWOzKdiFoXERjsEBfFiAUzxK36G0Zlqeg6KAzFQdrPGE3yTACOLM9UfZMnOZfFu8NnLAgNI0HOMEVfnfjfT5a%2FBtR9n5L2VaAzvOz1%2BVdKQMM4%2BPtuUvzyoybA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae386cdff3-FRA
expires: Tue, 03 Jan 2023 15:02:12 GMT

GET
H3 200 0000-8.webp
tokage.my.id/wp-content/uploads/2022/01/ 86 KB
87 KB 44ms
26ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-8.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d368d3e7491cb263ef757e719226c947c61d81fde2350c4923bd4f59faff273

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18498
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 87862
last-modified: Sat, 01 Jan 2022 18:16:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=845KXM%2ByfSUuO1KZnKkLGGRutjLTVKzwZOkwD2rdQtt3vFjlU9FyJb%2BcMrl3psgWNLic3iruX8biD7J9%2FFPHQnSzNK26o9rmZN%2F2TZcZxU5mR4D5p6bOC1nCtR8hd2gZHFp9CkJS%2FSc0goo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3872dff3-FRA
expires: Tue, 03 Jan 2023 15:03:30 GMT

GET
H3 200 0000-34.webp
tokage.my.id/wp-content/uploads/2022/01/ 68 KB
69 KB 88ms
70ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-34.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03e3b6f53d85749630338e31dc03bc82bb0041ea401a991e6a8683c0cbb79e15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69492
last-modified: Sun, 02 Jan 2022 09:21:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLU%2BTSIO71a5cWjMxvVOZAPFR1o76ZA45pjkZ5rR8iE8TEbJUIMKEss1Wj8854LB%2Bk9Zi9oc8O3fHpSB814KWbl24HSy1HZ4eysLsdI0h1LO3ToRMmqiiHjjIX6ITNLnqc0ttYBpi0ZKekI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3871dff3-FRA
expires: Mon, 02 Jan 2023 15:21:40 GMT

GET
H2 200 0000-41.webp
niwatori.my.id/wp-content/uploads/2022/01/ 88 KB
88 KB 62ms
30ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-41.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fa7d3d3cccc77291b02cd052ba237de9fbdceb528c938f179ad3af0cd03c201

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 89772
last-modified: Sat, 01 Jan 2022 17:00:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7Tf%2BjUKWyeQmCaeEU4TZMY0Y1GIPcRGf0xdXMb%2Bu1HwAfPXn4tKcAMAYe7KgIZPUmdZeCZ11cO6eO%2F0nGnhbwNan0G0OflHfacV0oIV1EWM54i3t6P6HNgAO1ismEDmUm5IhEH6fvIrDxkY7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8ae4b822b41-FRA
expires: Tue, 03 Jan 2023 13:01:47 GMT

GET
H2 200 0000-42.webp
niwatori.my.id/wp-content/uploads/2022/01/ 120 KB
120 KB 49ms
17ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-42.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f532d437985e8776751c63a3ded6d2389279516cf3e5dd951a970cf4b6ffe25e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 122564
last-modified: Sat, 01 Jan 2022 17:02:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRkJiPtVDAl8t5A7%2Ba4%2Bo6J6JAxDmqCLudIuxPoVjnB%2FtEiXNKpPnCrPZUViHgHCn%2FcxRODlszMGAgTpSKgvp%2FkehwC9T5cyHPrWXkgpKe5njpqNjflqaH%2BwCTKcCCFbTPGIph2sMlhOvYSmbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8ae4b8e2b41-FRA
expires: Tue, 03 Jan 2023 13:02:40 GMT

GET
H3 200 0000-37.webp
tokage.my.id/wp-content/uploads/2022/01/ 99 KB
100 KB 94ms
77ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-37.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd881afc57f63763e11e2e34a33b7a1bbf14b506271822337bbe10fba5fed43d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101592
last-modified: Sun, 02 Jan 2022 09:28:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aV3Bv6KX98MmLoh8xc8BoXVxmN81UshxuldlbqjKkCU0MsWZNNQbG%2BTwNGD3lUBPnTKjioILAPeTlI%2BD4y2ka2T2bFDbo7DVo13y%2B0gNRIKrCr1%2Bt7KWrj%2BlREpxGWAfCzbWoLR85sSVBM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3874dff3-FRA
expires: Mon, 02 Jan 2023 15:28:13 GMT

GET
H3 200 0000-36.webp
tokage.my.id/wp-content/uploads/2022/01/ 66 KB
66 KB 86ms
69ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-36.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c99b26d304a045144ce981b01813d109de8df8808dcbd14fde95c3efdf1024

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29282
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 67284
last-modified: Sun, 02 Jan 2022 09:25:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQyFKNFMK%2F1aob9hDNjOj3SAMYl1fSj9olL%2FZnEiJ9VM8Pabt7HCpZA76YNb6EnJLajNLG9MHfC6OP%2B2suQ01AiaOwgBr4CiJzLg%2BrIIdIx%2FQy0hTYkzmfJeQMXkWJAzOfTekWMOB5jF068%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3870dff3-FRA
expires: Mon, 02 Jan 2023 15:25:22 GMT

GET
H3 200 0000-35.webp
tokage.my.id/wp-content/uploads/2022/01/ 70 KB
71 KB 35ms
18ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-35.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc888354308b2a07f593829eb0133c0c24190c70a59235f9ec8373a799270f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71790
last-modified: Sun, 02 Jan 2022 09:23:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHQIXTiyb4sSP5UbZZ2EWG9ZG9IHiXO0iZYrdGliLCuKCCPYW9KDJEDpHFni6MaCOz95pCr8%2FW2b9f4k2DVwFfS5QlBgBC7nfs%2By27%2FHk0IeQehpkK43IjJzpQvgM%2BsF3gg%2Ba5zwpTxp0FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae386edff3-FRA
expires: Mon, 02 Jan 2023 15:23:13 GMT

GET
H3 200 0000-40.webp
tokage.my.id/wp-content/uploads/2022/01/ 53 KB
53 KB 113ms
96ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-40.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b4ab8092d8d17e37d5fb0dda73ef8a830a851a03cdf9b7c7c03b64c656d09d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53894
last-modified: Sun, 02 Jan 2022 09:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4mr%2BD4S08hQFlHldS20pqUblr4aqKu1VjR5K0NeXXU0XfVByCFp0Ecw%2BI9L52TAFP5TA7pRsgEyS5iA%2FRMhFwER6KvZZ9TcY78fmdOnoBSB1YY%2FbKW%2BdxSMytHWCGNC3g0QHu9QrD5UBxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3878dff3-FRA
expires: Mon, 02 Jan 2023 15:34:34 GMT

GET
H3 200 0000-39.webp
tokage.my.id/wp-content/uploads/2022/01/ 119 KB
120 KB 101ms
84ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-39.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

204f53ed9323e6e0c6ea23932a312b21638a0ee8525799261f76d06763998b5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 122304
last-modified: Sun, 02 Jan 2022 09:32:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y6pt2U1qWlZQI%2BzydyksypvlUjQky2Z0%2Br%2FUXRkMoraJH3USjJxXae8D%2B5oBjzEE4D1dyvK5ydt0U1JRYekepgsrg8w08QsuPalHU%2FdX25EdtMprHdvVmpCx6fv8bT3cCSU%2Fe3bQ1Igl0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae3876dff3-FRA
expires: Mon, 02 Jan 2023 15:32:50 GMT

GET
H3 200 0000-38.webp
tokage.my.id/wp-content/uploads/2022/01/ 81 KB
82 KB 114ms
98ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000-38.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ccfb51f4547f5927aacb3dc8cdbc1bf21b87e6decaf9e215405c6e1c9aab62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83226
last-modified: Sun, 02 Jan 2022 09:31:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZeBFVUc0hx20227JdxHdrw1HQ6l%2BAaHLqRdGJHmiAQM6R2FjxhNksx%2FHDH2vlTg0%2BwssA4mCCOyKqoHCvVRTlAvBWzlGMc1WT0xf3s1rkwJ3tgLNSRcG%2B68fW80rUkLisftjrjBOS8Qj8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8ae387adff3-FRA
expires: Mon, 02 Jan 2023 15:31:13 GMT

GET
H2 200 0000-5.webp
niwatori.my.id/wp-content/uploads/2022/01/ 107 KB
108 KB 60ms
29ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-5.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0994c6adad54327ded3f78fc8cd15e25709ee6799c2466b4fa760b41ace0c7d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47448
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110008
last-modified: Sat, 01 Jan 2022 10:49:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgNURryOXLRZgSWBtUMUVw3UyC0%2B87j%2B4%2FA%2BYw3QqoqAiiCQbPwHMDaWZK%2BEF%2BCOpvBLhCdS4TxuHKCcjv0i2LBvpCfuUJlUbB5EdM4n4jCkBVTzooxoH99ClAiT2%2BiSOhoCwLzZhZeyoadz7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8ae4b8d2b41-FRA
expires: Tue, 03 Jan 2023 07:03:52 GMT

GET
H3 200 0000-4.webp
niwatori.my.id/wp-content/uploads/2022/01/ 51 KB
51 KB 234ms
190ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-4.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20430c9122d7657f372038901643442dcf417536f0ebc2eb82e4fcde4132c501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15732
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52036
last-modified: Sat, 01 Jan 2022 10:43:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RHsZ1vU9c4jfFOhyG7JD6Eimq1R0LeNMMlDftZJ5cqm1RdZjO355XwEmuxDv85OaXIzT3%2BaSvOLeDiF2h9yiiK7cDr6Q49y0hJd2M3FpGJvJqsqVhlfOZOuOjJ8vWmMG%2BDkt7y8EEZEntZOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8b02d3f375b-MXP
expires: Tue, 03 Jan 2023 07:02:51 GMT

GET
H3 200 0000-3.webp
niwatori.my.id/wp-content/uploads/2022/01/ 73 KB
74 KB 178ms
135ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-3.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88e35d36613dc3ec47d4374c2a5e11e5bb19d6786a7edd8e4ef05899bebd82a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15732
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 74686
last-modified: Sat, 01 Jan 2022 10:37:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMGPcQ0HCggJGEjYH%2FexKoJNvP%2F%2FUrk4ojP7U1yjeUt%2FIyP5XyxHjKOKel5KrR4ltqZdhgHeYPVHK2vpoZUdVudpaRbKRw8And2BzxUELNAO4%2Bp3SePc6g8MOn6AblIfdBuPDyX62YtnhoYZwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8b02d3d375b-MXP
expires: Tue, 03 Jan 2023 07:01:50 GMT

GET
H3 200 0000.webp
niwatori.my.id/wp-content/uploads/2022/01/ 73 KB
74 KB 168ms
125ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5c1852f7ec119e29525bf443956b5206d52ae9aa74fe74aec845532fc0525c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75140
last-modified: Sat, 01 Jan 2022 10:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHBO5grkSVmwrlhPb3webbqGCq67jdq7cAT02GAw3o1xT5zj8RkcSoRPJw8A5Ypf%2FtlwDYGVwFaA%2BdszqZQjaLl0BNogt7ES%2FMFeXnx5run4fOuXEv3TigEeU602UZJJJKWp90xIGIBB7UmtFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8b02d3a375b-MXP
expires: Tue, 03 Jan 2023 05:01:28 GMT

GET
H3 200 0000-1.webp
niwatori.my.id/wp-content/uploads/2022/01/ 54 KB
54 KB 89ms
46ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-1.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae681d3a53af8c6c9ea5d3c2b485a684b9c18b1e82ee6282ffb69c5e110b297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21461
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54810
last-modified: Sat, 01 Jan 2022 10:29:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7TxeWH50XeP9HfNXCKdlkMLNukEY4yoCT5vvPNamOCeJCnSwFCf33JtnCayS6neyQq6YoS64mm89BvGUqacJI8UKqO0dchcoG8QFzyXWygmJ4KCOus%2FvgcO28Oiql8OPaLJ%2FpJQiFuwrjID8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8b02d33375b-MXP
expires: Tue, 03 Jan 2023 05:02:47 GMT

GET
H3 200 0000-2.webp
niwatori.my.id/wp-content/uploads/2022/01/ 83 KB
84 KB 108ms
66ms Image
image/webp 2606:4700:3033::6815:3d17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://niwatori.my.id/wp-content/uploads/2022/01/0000-2.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7130091bbbc747647776be3e95e87831965643e41a5e0362da0651cb24487b09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15732
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85242
last-modified: Sat, 01 Jan 2022 10:33:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOqQpfe5XwBK%2BmzvmC0bjYpiCH1f8Dr9GrVRoyqzJj884lU8%2B9%2FwloQ5cdMsUQanl7kzw%2BKNCRVwJ7ZoyDadH4mHknvDTTKpIJhrLjztZyObBbjvMkHgq%2F1B4ehlVKUeMRtvykpt6LU7uvK0QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8b02d36375b-MXP
expires: Tue, 03 Jan 2023 05:03:49 GMT

GET
H3 200 0000-3.webp
raion.my.id/wp-content/uploads/2021/12/ 99 KB
99 KB 41ms
19ms Image
image/webp 2606:4700:3033::6815:3ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raion.my.id/wp-content/uploads/2021/12/0000-3.webp
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee522b462a82f43afc15d755add95e4fc6288bc7b7735e77b13b91e0916a7bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97640
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 100984
last-modified: Sat, 25 Dec 2021 03:18:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ho8pojs%2FEvgD85FlDIZLmT4%2BSZS6t4%2B0IviH1Cx%2BgU37QPsp7sF1HYNhbz%2B6y6TyW8xASHRDTiRgBIVCLZqLwRD2LyZIc6Qm6blRp4ocTlO3SQEE45x9H1gKJqfPrlBxD25ymPyx8OjYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6c7cd8afffa44e26-FRA
expires: Mon, 02 Jan 2023 17:01:14 GMT

GET
H3 200 0000-16.webp
tokage.my.id/wp-content/uploads/2021/12/ 115 KB
115 KB 19ms
17ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/0000-16.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f169879cd23fb38c8c8889585315dbdc068a48394d2f41071efd9c6c12cf282c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 117476
last-modified: Sat, 25 Dec 2021 03:12:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FNKqcY6fKN4NZ2kK2UUfvksF3oR98CXZkUZdoik%2FtsBQA5szVdcChpBtdymtptE%2FAWTK7RZUy96VhsUJa5ifLPS4pZM77hp5OfL6oIzUyfuJqTWKdPyak88KRwSRWZqozNPMa1bP8%2FVJGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb07dff3-FRA
expires: Mon, 02 Jan 2023 17:02:05 GMT

GET
H3 200 0000-15.webp
tokage.my.id/wp-content/uploads/2021/12/ 101 KB
102 KB 71ms
69ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/0000-15.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2019a6c92b31b74f7845370e529079d56dbe5c108a658e979e66acafb37ab5fb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97614
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 103252
last-modified: Sat, 25 Dec 2021 03:07:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5uzp8NR0xYufnA4NdZ3fq2WRJ4%2BIE8PsiEsUF%2BdCNiyf00S2jayG%2F8BFaEI9%2F9ia6UdEEsyZjgTPi8dBKYa23UI5ESfB6HE7uglzhcFtP8IWslKVCwD1CPg%2Bh3R6k23hdR3rqgKhvI8jKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb0cdff3-FRA
expires: Mon, 02 Jan 2023 17:03:03 GMT

GET
H3 200 0000-28.webp
tokage.my.id/wp-content/uploads/2021/12/ 69 KB
70 KB 31ms
29ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/0000-28.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f59207cc7554d3911efb7a4556a64376baf18e519b0d233cfd41c0704e1c309

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105273
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70996
last-modified: Sat, 25 Dec 2021 04:53:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e6n9Q%2Bm6pMw%2Bbciw0UtTQOY3xvtRQi%2FAP6PK8EOX3JOclXxIaa2Szqtvug2NtMimOmFDeYa9NlYmQKZAjqOk%2Bk05a6C3dE%2FOU%2BLoVpXlNtbyO52n%2FPRbuMNFqCuIZeW1%2BwsW%2BIM0ApLAj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb0edff3-FRA
expires: Mon, 02 Jan 2023 15:01:05 GMT

GET
H3 200 0000000000.webp
tokage.my.id/wp-content/uploads/2021/12/ 122 KB
123 KB 38ms
36ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/0000000000.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc4c7e80396ebb84d402c2fbfceb26365eb52f5ee17f75637aa86ae80cb40a93

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 105274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 125176
last-modified: Sat, 25 Dec 2021 04:32:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3f2lQr6arVBZwmTZmcmM7FVtEa7YssqZ8uq2RtBUs7SOSQ4w1qC05EKsDSh1ZuQoBECP07TzjefYo00EOPbM4TE4GkUscFC%2BDLeK%2BnNMM1jYlQfK1DnTKTS08XEetdj4psfQbtXgEIYUMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb0fdff3-FRA
expires: Mon, 02 Jan 2023 15:02:07 GMT

GET
H3 200 00000.webp
tokage.my.id/wp-content/uploads/2021/12/ 93 KB
94 KB 28ms
26ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2021/12/00000.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f91ad79eb9b023bad085a64d6fb3ce4ee6c51afd67f2ff1b916eaea0fe9a0615

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 95390
last-modified: Sat, 25 Dec 2021 04:49:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cicIi7C25lZe7BH2GJPtj2e0khv4Hbv%2FP7jRb3lXitXAzCmszcNk6dp6bdFV8AsTJISS8ecbBpkpWTIi1VBTTN8h7tKhBkwEHxlSvHRTmeUA090apg4vxmHHdW03Vtfu8bEwNCps%2BJ%2FWbm4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb11dff3-FRA
expires: Mon, 02 Jan 2023 15:03:09 GMT

GET
H3 200 0000.webp
tokage.my.id/wp-content/uploads/2022/01/ 93 KB
94 KB 54ms
52ms Image
image/webp 2606:4700:3035::6815:5c33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tokage.my.id/wp-content/uploads/2022/01/0000.webp

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5c33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e262b9535c4651d95e5be52d104b59638b22bbf6a6e0d372baee1e227ecdd1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 95466
last-modified: Sat, 01 Jan 2022 04:44:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOb80iGsUI2QQOh5O%2FUxsDsGGRYQqq8tgJrT3IrVUaZBiDCI74VN7dVnI3lQt%2FbnCn2p%2FBPZfpshp2MZfIm%2BgG9xJF7aP%2BtBGB7Xp6Nf7lFVJGCnX1Gf248RDYuUkRRpu9vpwk1EivnJ20M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8afdb13dff3-FRA
expires: Sun, 01 Jan 2023 10:44:02 GMT

GET
H2 200 0000-33.jpg
nezumi.my.id/wp-content/uploads/2021/12/ 109 KB
110 KB 118ms
44ms Image
image/jpeg 2606:4700:3033::6815:4066
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nezumi.my.id/wp-content/uploads/2021/12/0000-33.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:4066 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a0024873ec305b424a299a4c17e869324d178a905d6e36ad76c332d9e9aa76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107188
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 111562
last-modified: Tue, 21 Dec 2021 09:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOYOXhxA1eWh9FN71VgzMAqazqSVsUitcdqspPxMKiemzzp31cmbASz9554uMHOJD4DMsaNqoriI9hm1GNtHqFZgwuasVI0e6TeU3fl0VeRctO5rzw8z1JrD0XX%2FRkKP2sgCCh6UERI37MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8b05f5e3760-MXP
expires: Mon, 02 Jan 2023 13:01:07 GMT

GET
H2 200 0000-34.jpg
nezumi.my.id/wp-content/uploads/2021/12/ 141 KB
142 KB 135ms
62ms Image
image/jpeg 2606:4700:3033::6815:4066
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nezumi.my.id/wp-content/uploads/2021/12/0000-34.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:4066 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd07a2b3c99f8e9bb0bd0d18451ac18b566da5a16a9d93ed5d2df56800a3beb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107188
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 144528
last-modified: Tue, 21 Dec 2021 09:45:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIxp9AFdnXqCO1ndLCxnCEmWaeP3Xow3U8KJZmfyBqZ2vVnRcQfYw7PDn2ssqY9zp%2BuID%2Fcv29BWEpLgWkfBD0K1gokvxnzNr%2BAouUbCIMuMgtXGY08PWXGYHS%2FkqgVVze%2F29FfreUFIkm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6c7cd8b05f613760-MXP
expires: Mon, 02 Jan 2023 13:02:12 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-A78hNH2piD4/YBOoyKyrdvI/AAAAAAADj-I/JcksbX5nvT0DdVrf5xG9wxYOVXjShj6CwCLcBGAsYHQ/s0/ 95 KB
95 KB 72ms
43ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-A78hNH2piD4/YBOoyKyrdvI/AAAAAAADj-I/JcksbX5nvT0DdVrf5xG9wxYOVXjShj6CwCLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c746125f5b1446cf0d5338f62538890eb0adbee590b3f62dbd33eca01924131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96850
x-xss-protection: 0
server: fife
etag: "v3902a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Dec 2021 22:45:43 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-QBJ-h8me2p8/X_pjBrV82kI/AAAAAAABaKA/Q9Or5yiZO1oOH-Dkp5tNfNbpNOk4PjQlwCLcBGAsYHQ/s0/ 93 KB
93 KB 64ms
36ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-QBJ-h8me2p8/X_pjBrV82kI/AAAAAAABaKA/Q9Or5yiZO1oOH-Dkp5tNfNbpNOk4PjQlwCLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0811ce888146e9dbb84af9ed5f451f482d1aa04f450c2fd2bbb3a69097a5dc8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95011
x-xss-protection: 0
server: fife
etag: "v168ab"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Dec 2021 19:25:33 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-ZgUOMBeEtW4/YXdesnEBOfI/AAAAAAAAEKg/dkx3HKJ8aIEg3eWebTwTLxulL5vFF_GQgCLcBGAsYHQ/s0/ 101 KB
102 KB 75ms
47ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZgUOMBeEtW4/YXdesnEBOfI/AAAAAAAAEKg/dkx3HKJ8aIEg3eWebTwTLxulL5vFF_GQgCLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4bf776dcba719ad2844f2367c37876747d5a1ee47d4020d7188f0199797feeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103825
x-xss-protection: 0
server: fife
etag: "v10aa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 29 Dec 2021 07:24:53 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-223c8ihY4ng/YKo2QttFl5I/AAAAAAAERVo/OQYvh3qbdVUGXNJElWUSfe3EzBkhbJoBgCLcBGAsYHQ/s0/ 112 KB
113 KB 36ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-223c8ihY4ng/YKo2QttFl5I/AAAAAAAERVo/OQYvh3qbdVUGXNJElWUSfe3EzBkhbJoBgCLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1f30668d168a961d3bd50f90e1fb2d2f5509727f6c031f8ae505a91390ce4a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:03:34 GMT
x-content-type-options: nosniff
age: 788
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114972
x-xss-protection: 0
server: fife
etag: "v4459a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 31 Dec 2021 12:07:14 GMT

GET
H2 200 000.jpg
3.bp.blogspot.com/-ZZZnVi1qM2Q/XHJqGz6qGgI/AAAAAAAAj5U/gH8a6efc7Ogud1n55YpVPZV88yvRmHGxACLcBGAs/s1600/ 107 KB
108 KB 37ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZZnVi1qM2Q/XHJqGz6qGgI/AAAAAAAAj5U/gH8a6efc7Ogud1n55YpVPZV88yvRmHGxACLcBGAs/s1600/000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca65f0a074adaf42dc360142ac1db0dfac430072c7b47f08d43e1b22c3d538f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 11:54:15 GMT
x-content-type-options: nosniff
age: 8547
content-disposition: inline;filename="000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109888
x-xss-protection: 0
server: fife
etag: "v8ff8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 30 Dec 2021 18:57:59 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-zcHRy9uJixU/YOEsTS-mZWI/AAAAAAAEnFE/PHu-0mCK630j3d8KjyDQm9jr0TvoMqXVACLcBGAsYHQ/s0/ 128 KB
129 KB 74ms
46ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zcHRy9uJixU/YOEsTS-mZWI/AAAAAAAEnFE/PHu-0mCK630j3d8KjyDQm9jr0TvoMqXVACLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

503df480dce721897f3ea512b5d4c829451b175cebed5ff0e519327f39cb62dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131580
x-xss-protection: 0
server: fife
etag: "v49c89"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 24 Dec 2021 08:50:57 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-7hK-MQw4RLw/X_lGIZdxoSI/AAAAAAADbgQ/SzHVhDRDAowUUMgBGyW3mJ41Jdj1zdLpACLcBGAsYHQ/s0/ 110 KB
110 KB 72ms
44ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7hK-MQw4RLw/X_lGIZdxoSI/AAAAAAADbgQ/SzHVhDRDAowUUMgBGyW3mJ41Jdj1zdLpACLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

072ab8ad67cc64e1f073368fa0b933847922345a2d23dc7cd5db69094feb9338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112971
x-xss-protection: 0
server: fife
etag: "v36e4b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 24 Dec 2021 03:40:19 GMT

GET
H2 200 0000.jpg
1.bp.blogspot.com/-89rJLxgJU3k/YEd35ujooYI/AAAAAAAD2S4/evgDsjGpc888mKkYmvA4XrfUxfllhzQIwCLcBGAsYHQ/s0/ 116 KB
117 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-89rJLxgJU3k/YEd35ujooYI/AAAAAAAD2S4/evgDsjGpc888mKkYmvA4XrfUxfllhzQIwCLcBGAsYHQ/s0/0000.jpg

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7450d9cf728fca20a91f63e5553d7f5963dc846a82b871de02d289d53c65972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 13:46:24 GMT
x-content-type-options: nosniff
age: 1818
content-disposition: inline;filename="0000.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119229
x-xss-protection: 0
server: fife
etag: "v3d99b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Dec 2021 20:27:44 GMT

GET
H3 200 rocket-loader.min.js Show response
www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
24ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Dec 2021 13:15:20 GMT
server: cloudflare
etag: W/"61c86ae8-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LorDvagLSVWKaSlYjPR4OakGmerYKwFnKSF%2BnHVEuOs%2BgIAtWcy9uW0ZlGG%2FAOeaOCu1RQ8pDYySFnWrkwSaTkjidfP47YksJub5UWeOONHMksHRbxjwohHgIJk9uK7rE0piGRY%2B6SzjjhCX2DI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c7cd8afee343760-MXP
vary: Accept-Encoding
expires: Wed, 05 Jan 2022 14:16:42 GMT

GET
H3 200 navigation.js Show response
www.ilovexs.com/js/ 3 KB
2 KB 34ms
34ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/js/navigation.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4177a37ba326ef0d2c1fd93de5d6f069bf403c190f35f027bdb35f09120dd077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5118
cf-polished: origSize=4106
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZqXOQVG13nLy4FcWadHbKV3FcHmO9td1zqJgRYI2bJGVzwoeIitnjBrzAZJsrWOCnQznHuwqcH5QESO8SE%2BSNSqfrVjiw%2FiCmjlWcf%2FNmAlQJRpR5dkpnzZz7A4UC7zTUFYYAF4B1XoLmyjC7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c7cd8b01eb33760-MXP
cf-bgj: minify

GET
H3 200 superfish.js Show response
www.ilovexs.com/js/ 5 KB
3 KB 33ms
33ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/js/superfish.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f91a8a3fac0e4eca09ccbbab0309056c505ac353c39a756b0a40f124629166a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5118
cf-polished: origSize=10802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ba2GXPgKXTK02DDg2trQL7JsozXGUVdBRpLRfo%2BM5B5VOuRo5yVMuyVYxCQBCLxlg3ZoJu1HgOM1me%2BhIsDwawACe6dA5aqjN1qwmuuN5bvzi3XJI0qx3L5IKSypeDqiz4PxhBFjpX8KAAl5Vns%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c7cd8b01eb73760-MXP
cf-bgj: minify

GET
H3 200 theia-sticky-sidebar.js Show response
www.ilovexs.com/js/ 8 KB
3 KB 32ms
31ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/js/theia-sticky-sidebar.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf721f027b07e888722d6e7d1b0e356d7eda3652728fa85ad8c95cf6e09ef47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5118
cf-polished: origSize=8983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTyD%2FWo5cfsmbTEsXDQMJnPgxw3GV5E6YRR1Fd7G7SyhyPwQe2z9J0e0fRC1XoICJabMQR6Qsm5ET%2BS7TVQ02CxNOrWomGj017wXqpKO3lyy9wsMr9B%2BSW2DU%2BQETopyzqDnhNwS3UVmIxCt6kI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6c7cd8b01eb83760-MXP
cf-bgj: minify

GET
H3 200 detectmobilebrowser.js Show response
www.ilovexs.com/js/ 2 KB
2 KB 45ms
42ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/js/detectmobilebrowser.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbc4d45480053fdaacb8b61331ed2c2117a92b380edde10a1baa4f5d9553eb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
age: 5118
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ioj8OTEe%2FCnLb%2FgEcde2%2FHfiaT0yS6gVhrAPqdeo8YGHdq8edX6EkvDqB0Vks1PW2%2B70P51F2Z9G3oC0i5b%2B9fvcXGbReQSuknoJFkgbTW1CiLtsVU%2BeG5bu2T%2B4BEqmn2qv2Vr%2BKjSLzYN86zA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c7cd8b01eba3760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H/1.1 200
OK ads.js Show response
a.realsrv.com/ 2 KB
1 KB 52ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ads.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 14:16:42 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"4efa5de1947fe4ce90cf10992fa"
X-HW: 1641219402.dop215.fr8.t,1641219402.cds010.fr8.shn,1641219402.cds010.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 961

GET
H/1.1 200
OK js.php Show response
a.realsrv.com/ 5 KB
2 KB 63ms
11ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/js.php?t=17&idzone=4270810
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6182db5be8c1693fdcbdb10ae20fd9098ecf42cecd38e06c406ac08a824eb713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 14:16:42 GMT
Content-Encoding: gzip
Server: nginx
X-HW: 1641219402.dop215.fr8.t,1641219402.cds010.fr8.shn,1641219402.dop215.fr8.t,1641219402.cds288.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1871

GET
H2 200 adManager.js Show response
cst.cstwpush.com/static/ 451 B
598 B 109ms
9ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:42 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 jquery-3.5.1.min.js Show response
www.ilovexs.com/js/ 87 KB
32 KB 1282ms
1279ms Script
application/javascript 2606:4700:3030::ac43:8601
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ilovexs.com/js/jquery-3.5.1.min.js
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8601 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 16:47:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIUE1dCoxnJQVGysPwC2YCPxQ6KyMA9P8XC9y2g7OAxNz3%2BIDJVt1TY%2BDx8z85cf%2FMaCRR0QHPy6qRMap78z5MGU01aQqoP9lJ1CdoadkHf%2FshVuPBTah5QkNJ%2B%2Fn1WrkbM4aEfJVzVMW1RPMe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c7cd8b02ec13760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
61 KB 77ms
40ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L06WTLD73Y

Requested by

Host: www.ilovexs.com
URL: https://www.ilovexs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47b36a4486f7041dbc93cbc888c62d906fc386128de696b8b2418ad7d53501ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61854
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:42 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
347 B 36ms
13ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L06WTLD73Y&gtm=2oec10&_p=1496598663&sr=1600x1200&ul=en-us&cid=1681522487.1641219402&_s=1&dl=https%3A%2F%2Fwww.ilovexs.com%2F&dt=NongMo.Zone&sid=1641219402&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L06WTLD73Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ilovexs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ilovexs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 76 KB
29 KB 30ms
8ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a

Request headers

Referer: https://www.ilovexs.com/
Origin: https://www.ilovexs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 06:57:04 GMT
server: nginx/1.18.0
etag: W/"61c56f40-131af"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK ads-iframe-display.php Show response
syndication.realsrv.com/ Frame 21D7 3 KB
2 KB 69ms
35ms Document
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4270810&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403570&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Requested by: Host: a.realsrv.com
URL: https://a.realsrv.com/js.php?t=17&idzone=4270810
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Leidschendam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: dc46f48ae4e866017e25f4fcf28f7d4ad57ac8253296736742be0140a2c09c51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/

Response headers

Server: nginx
Date: Mon, 03 Jan 2022 14:16:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

GET
H2 200 close-icon-circle.png
s3t3d2y7.ackcdn.net/images/ 405 B
625 B 538ms
175ms Image
image/png 2a02:3d0:623:a000::8
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y7.ackcdn.net/images/close-icon-circle.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:3d0:623:a000::8 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
last-modified: Mon, 25 Oct 2021 10:25:47 GMT
server: nginx
age: 32171
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 405
x-llid: a8e0065bf899fbd1286e31b6b9c369b7
expires: Tue, 03 Jan 2023 05:20:33 GMT

GET ads-iframe-display.php
syndication.realsrv.com/ Frame FBD4 0
0

GET
H/1.1 200
OK ads-iframe-display.php Show response
syndication.realsrv.com/ Frame C76C 3 KB
2 KB 39ms
28ms Document
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4214752&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403573&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by: Host: www.ilovexs.com
URL: https://www.ilovexs.com/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Leidschendam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: fbbd872c21488971dddcdb7e93278dfc6944c42f90cfa79147575c45a9bd4910

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/

Response headers

Server: nginx
Date: Mon, 03 Jan 2022 14:16:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

GET
H2 200 4526 Show response
na.nawpush.com/tags/ 2 KB
1 KB 66ms
28ms XHR
application/json 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/4526
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5facd1518a0a9ce183c27747ce703e3912cce718e7dcfd3051e46ec6de135910

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 14:16:43 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: EXPIRED

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
239 B 26ms
11ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 206 e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame C76C 51 KB
51 KB 570ms
344ms Media
video/mp4 2a02:3d0:623:a000::8
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by: Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4214752&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403573&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:3d0:623:a000::8 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer: https://syndication.realsrv.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
last-modified: Thu, 26 Mar 2020 22:21:37 GMT
server: nginx
age: 7097
content-type: video/mp4
Content-Range: bytes 0-51899/51900
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 51900
x-llid: cd5a15e173704ad83592994b384eaf61
expires: Tue, 03 Jan 2023 12:18:27 GMT

GET
H2 206 e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
s3t3d2y7.ackcdn.net/library/348620/ Frame 21D7 51 KB
51 KB 389ms
179ms Media
video/mp4 2a02:3d0:623:a000::8
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://s3t3d2y7.ackcdn.net/library/348620/e8aaab4a625fd907267c943d0f63fac665d814ee.mp4
Requested by: Host: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4270810&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403570&sub=&tags=&screen_resolution=1600x1200&sticky=1&cookieconsent=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:3d0:623:a000::8 , United States, ASN22822 (LLNW, US),
Reverse DNS
Software: nginx /
Resource Hash: 65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645

Request headers

Referer: https://syndication.realsrv.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
last-modified: Thu, 26 Mar 2020 22:21:37 GMT
server: nginx
age: 7097
content-type: video/mp4
Content-Range: bytes 0-51899/51900
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 51900
x-llid: e0c02e9958ef41d72d1eb8966a011078
expires: Tue, 03 Jan 2023 12:18:27 GMT

GET
H2 200 track Show response
3b927b608b.583d46135c.com/in/ 0
199 B 62ms
33ms XHR
text/plain 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://3b927b608b.583d46135c.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDgyNTUzODA0ODU5MzQyNDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjE0LjAiLCJ0YWdfaWQiOjQ1MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:43 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 native.m.js Show response
js.natsdk.com/npc/sdk/ 40 KB
14 KB 32ms
8ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.natsdk.com/npc/sdk/native.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e4f72453d2dbf2ebebb93b6120b94e6f0a2782ec8a9568498a67c5edb3ba9a68

Request headers

Referer: https://www.ilovexs.com/
Origin: https://www.ilovexs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 12:44:54 GMT
server: nginx/1.18.0
etag: W/"61cda9c6-9f8d"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 push.m.js Show response
js.wpshsdk.com/npc/sdk/ 54 KB
20 KB 29ms
8ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d

Request headers

Referer: https://www.ilovexs.com/
Origin: https://www.ilovexs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 08:34:55 GMT
server: nginx/1.18.0
etag: W/"612f3b2f-d82f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 npush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 69 KB
23 KB 32ms
8ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 768075d51aca5301283da7d19e342b14d7b26ae4bc758e34ba718f72259d522e

Request headers

Referer: https://www.ilovexs.com/
Origin: https://www.ilovexs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 13:58:58 GMT
server: nginx/1.18.0
etag: W/"61cc69a2-1125a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 13 KB
5 KB 29ms
6ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 25 KB
10 KB 30ms
6ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e0b5a4c5a222720eb46c0effe46b2ed52f24f427d99227445011150b4b4b70db

Request headers

Referer: https://www.ilovexs.com/
Origin: https://www.ilovexs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:43 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:38:49 GMT
server: nginx/1.18.0
etag: W/"61cb1369-648a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:43 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame F700
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNDI4MzQzNjQ5Iiw...
https://rtbbnr.com/banner/in/show/?mid=987596396&pid=0&site=11412&sc=DE&usage_type=DCH&subid=428343649&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8...
https://tcimp.zog.link/in/banners?katds_ep=f6RpCUsIoy05uINtxm8bTSReIJdvA1fC2nlglZsBnP9HDAFzwBxa_AjZ_iDdR8vO3iMB0cQVg8edW7UQBWGJuvmtsD4On5WLmhhursvMtAYSoowU0Bum8R0VVoJCo2bkJmZo4x2TeYowgbInPINsKUnz-D...
https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.042350&katds_labels=&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

85ms
53ms

Document
text/html

2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3535d804b97ae8c2b9724e2f67feaf0a924a63459acf8a4e604820048cfe8245

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ulbk6UBT4vUiqO991FNax5G9bq1jTqLglsPphHD9BLj%2FMpvgyWxAujZIFU7s6gtU9ETPP5%2BXaK33vR5vCEMqGFvlJFCsxA%2BRjg35iK0pyKHXCrKOJtqGf4Dsq1RzRtz9cUse5a0Pl6qWo8wdbBfKYAm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c7cd8bb6872d6f1-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Mon, 03 Jan 2022 14:16:44 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 dip Show response
nereserv.com/in/ 0
193 B 335ms
305ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=63c772c2-be23-4c85-8a4b-f3f1915e94d2&subid=1504098403&sid=411500999&spot_id=5152&created_at=2022-01-03&timezone=0&ver=5.1.0&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:44 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 multy Show response
ntvpinp.com/in/ 2 KB
2 KB 1348ms
1319ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpinp.com/in/multy?wl=1&event_id=63c772c2-be23-4c85-8a4b-f3f1915e94d2&subid=1504098403&sid=411500999&spot_id=5152&created_at=2022-01-03&timezone=0&ver=5.1.0&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-slide-t_l-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&after_video=0&tu=1&mm=0&default=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1db7670fd96ee8f163c77e7e3a574be9f51ecabe6a02073f5f0659ea2446b01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:45 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2304

GET
H3 200 bundle9.js Show response
stream.bantgoau.com/files/ytls/ Frame F700 2 MB
606 KB 84ms
45ms Script
application/javascript 2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/bundle9.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4485344fca7090513e73c436fdf19da7ac01d1a9a452619e1e61df70d80a1cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 30 Dec 2021 08:11:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMtFALL6TVo42qBe8%2FdEX1k%2FB9f%2BBvoVHIPbpUD4g4%2FK4EoKqCpR9qntnivSbJGVKumOItP3vfBPfIHZxGtowaDkG06Ck6ZXx%2BU6r6sm%2Fzhu6YhvXxObNgY8rYgago34fESQkN8t9wQlXaHKLawm7cax"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6c7cd8bc1d26374a-MXP
expires: Mon, 03 Jan 2022 18:16:44 GMT

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame F700 39 KB
39 KB 36ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 10:43:19 GMT
x-content-type-options: nosniff
age: 12805
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 04 Jan 2022 10:43:19 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame F700 2 B
229 B 72ms
20ms XHR
application/json 2a02:128:7:4777::1
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14&type=impression&g_referer=https://www.ilovexs.com
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 14:16:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 bundle10.js Show response
stream.bantgoau.com/files/ytls/ Frame 5904 165 KB
62 KB 30ms
29ms Script
application/javascript 2606:4700:3033::ac43:b8ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/bundle10.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d85f2227d76f98e2980a6e3f5c6d22e7ba9a6e89d681c5be9d92604395ba7ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cf-ray: 6c7cd8bfcd44374a-MXP
date: Mon, 03 Jan 2022 14:16:44 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 30 Dec 2021 08:11:42 GMT
server: cloudflare
age: 2760
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbVEbRr4aqvvuuFg3AFx7iDFRDN772KwFzJY0pYDr1WpVZK1OnzODyBGuSmkNLr4aIO99uEoYh7KUv4KTzkqtqx%2FXExVQVWVP5zvUe7KZvidVwP83dtRJdBpUQCB%2BdCIdrnTgqpYnjnsV8ei%2B%2Bui8N3j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 styles.css
js.wpshsdk.com/npc/sdk/push/ 2 KB
1 KB 20ms
6ms Stylesheet
text/css 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push/styles.css
Requested by: Host: js.wpshsdk.com
URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:44 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:33:19 GMT
server: nginx/1.18.0
etag: W/"5f10b98f-843"
content-type: text/css
access-control-allow-origin: *
expires: Mon, 03 Jan 2022 15:16:44 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 subscription-offers
notification.tubecup.net/in/ 0
193 B 48ms
12ms Image
text/plain 88.198.204.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fwww.ilovexs.com%2F&tcid=0&spot_id=2159&site=tcpublisher&source_id=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.204.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.ilovexs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:44 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A471 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET DE_147f3c21306505f61a7439bc9ada72f6770c3ef2.webp
static.bookmsg.com/creatives/DE/ Frame A471 0
0

GET
DATA 200
OK truncated
/ Frame A471 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET

DE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp
static.bookmsg.com/creatives/DE/ Frame A471
Redirect Chain

https://puwpush.com/popunder/in/show/?mid=1931268693&pid=0&site=native-push&sc=DE&usage_type=DCH&subid=1504098403&sid=411500999&cid=10289&price=0&is_cpm=1&cpm=1.9&ecpm=1.9&crid=&crtid=d41d8cd98f00b...
https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp

0
0

GET
H2 200 url Show response
www.google.com/ Frame 7F73 603 B
1 KB 57ms
35ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/dv0rhR0J8RE%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

89b6b338b14874cc910edc44bac77b895acac4af34996876fbee5c2e10e3e2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/

Response headers

location: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Mon, 03 Jan 2022 14:16:45 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dv0rhR0J8RE Show response
www.youtube.com/embed/ Frame 7F73 60 KB
25 KB 113ms
75ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/dv0rhR0J8RE%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f39eb4f08d4124b429c13828d289f2b4b6bb3badde2ddd23f7464944b301f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Jan 2022 14:16:45 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8da38e9a/ Frame 7F73 338 KB
46 KB 23ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:28:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:28:08 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/ Frame 7F73 226 KB
73 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 11:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 182811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74819
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 01 Jan 2023 11:29:54 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7F73 2 MB
528 KB 33ms
18ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 540837
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:22:04 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/ Frame 7F73 8 KB
3 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 17:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 02 Jan 2023 17:33:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7F73 15 KB
16 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 508204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 7F73
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
15ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd05c9a1d48f057b0e10c4cb45f8a1285dd37afbf3db3214450d132465bee87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 03 Jan 2022 14:16:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 7F73 29 B
587 B 29ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:12:14 GMT
x-content-type-options: nosniff
age: 271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Jan 2022 14:27:14 GMT

GET
H3 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame 7F73 35 KB
13 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 07:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 369272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 07:42:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7F73 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:22:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:22:05 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 7F73 42 KB
17 KB 94ms
94ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c91a28c30f3008cc4448f575c060dd33b7fa4cf96bee906cefdef6903fc75b2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211215.00.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: CgtiRmh6ZkZQS29hUSjNisyOBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 03 Jan 2022 14:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17414
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:45 GMT

GET
DATA 200
OK truncated
/ Frame 7F73 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IazWlj5oCdX6-bEBM_7wohaqH1WW0vu1o3HpBuAECvOiWbOICsxhLRxvbSf_ScI40-vbBlLM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 7F73 2 KB
2 KB 31ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/IazWlj5oCdX6-bEBM_7wohaqH1WW0vu1o3HpBuAECvOiWbOICsxhLRxvbSf_ScI40-vbBlLM=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

def18b47bfd16f80c02cd967ecfc4617f995d3c5dee360ec0dc875d598a85662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 11:01:30 GMT
x-content-type-options: nosniff
age: 11715
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1765
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 03 Jan 2022 23:01:25 GMT

GET
DATA 200
OK truncated
/ Frame 7F73 181 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
www.youtube.com/ Frame 7F73 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?8LwRIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 7F73 0
19 B 16ms
15ms Ping
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=140&cpn=8lRMER_M2ub8cyfn&el=embedded&ns=yt&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24102119%2C24129402%2C24141079%2C24146886&cl=417053486&live=live&seq=1&docid=dv0rhR0J8RE&ei=TQXTYfi7LrTNx_AP-ZytmAE&event=streamingstats&plid=AAXUriuuRqMAv-GU&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211215.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.138:S,0.146:S,0.146:S&cmt=0.005:0.000,0.138:0.000,0.146:0.000&afs=0.145:140::i&vfs=0.146:134:134::r&view=0.146:1:1&bwe=0.146:130000&bat=0.146:1:1&vis=0.146:0&bh=0.146:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:45 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7F73 94 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29815
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:23:27 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7F73 26 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca185fed52b6af350217cbc26b4f18e7beca958d9b659ba14383f2a7959ac1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7219
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:23:48 GMT

GET
H3 200 heartbeat.js Show response
www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/ Frame 7F73 27 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/heartbeat.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e14500240450bdab78c4481b2057686d9bdae51b513e359918d17ecb673060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:31:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9247
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 31 Dec 2022 23:31:56 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 7F73 66 KB
6 KB 213ms
213ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ab54909b000df1d3c74b7ef4e3af1f3369b317e90d9e87bdf7de0aa77cbb4af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211215.00.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: CgtiRmh6ZkZQS29hUSjNisyOBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 03 Jan 2022 14:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5875
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 60 KB
61 KB 51ms
7ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhALeJL6HXxYITwdxhZC7hw-wIW2VrLpOXhF9UVxlwM39qAiB9Z5XydvtuhRvKbtYfyOFr5DQINgdUtqcCUcz7tmc8dg%3D%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&headm=3&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5752cdcff8bac255ff1a7f2cf0fc68cba9240d2a468d6a0fca0b707ad5e7ea1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Sequence-Num: 35002
Date: Mon, 03 Jan 2022 14:16:45 GMT
X-Content-Type-Options: nosniff
X-Segment-Lmt: 1641149394058265
X-Bandwidth-Est: 57891373
X-Bandwidth-App-Limited: false
Cross-Origin-Resource-Policy: cross-origin
X-Bandwidth-Est2: 15770234
Connection: keep-alive
X-Walltime-Ms: 1641219405936
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 61440
X-Bandwidth-Est3: 16076403
Pragma: no-cache
X-Bandwidth-Est-Comp: 15770234
Last-Modified: Sun, 02 Jan 2022 18:49:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 70009
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 35005
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Head-Time-Millis: 70009767
X-Bandwidth-Est-App-Limited: false
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 42 KB
44 KB 51ms
8ms XHR
audio/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&headm=3&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f2c796dc1175da38a31c0a3f8743974c90e5e5cb04dde429586e062df54e3ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Sequence-Num: 35002
Date: Mon, 03 Jan 2022 14:16:45 GMT
X-Content-Type-Options: nosniff
X-Segment-Lmt: 1641149394058261
X-Bandwidth-Est: 53609467
X-Bandwidth-App-Limited: false
Cross-Origin-Resource-Policy: cross-origin
X-Bandwidth-Est2: 14484412
Connection: keep-alive
X-Walltime-Ms: 1641219405937
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 43172
X-Bandwidth-Est3: 13844538
Pragma: no-cache
X-Bandwidth-Est-Comp: 14484412
Last-Modified: Sun, 02 Jan 2022 18:49:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/mp4
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 70009
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 35005
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Head-Time-Millis: 70009767
X-Bandwidth-Est-App-Limited: false
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 7F73 4 KB
3 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jan 2022 14:16:45 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 7F73 52 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 10:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 04 Jan 2022 10:32:55 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 52 KB
52 KB 17ms
7ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7346d39f770d0e098cc8771c0a3d6509972e48b60b0bdd30be6259b591776298

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35003
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058281
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 844669
x-walltime-ms: 1641219406000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52985
x-bandwidth-est3: 1492570
x-bandwidth-est-comp: 844669
client-protocol: quic
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 35005
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 65 KB
65 KB 17ms
11ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bb8fd75b4bfdfe66efe86f2f9ec8d304e443307eedd633f47ae68bffffd86749

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35004
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058293
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 844669
x-walltime-ms: 1641219406000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66481
x-bandwidth-est3: 1492570
x-bandwidth-est-comp: 844669
client-protocol: quic
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 35005
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 42 KB
42 KB 20ms
14ms XHR
audio/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35003&rn=5&rbuf=1897

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

52b2060d6bff719b4b0be496d1e8132f221dfca1c7f6d2d9f4ee54f2d6b46f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35003
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058275
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 844669
x-walltime-ms: 1641219406000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43329
x-bandwidth-est3: 1375909
x-bandwidth-est-comp: 844669
client-protocol: quic
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 35005
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 42 KB
42 KB 24ms
19ms XHR
audio/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35004&rn=6&rbuf=3897

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7bcb20d9b2fbebbd79043843cd7f41f08afcf27f2d110f3415c9c67be39d4cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35004
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058285
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 844669
x-walltime-ms: 1641219406001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43150
x-bandwidth-est3: 1375909
x-bandwidth-est-comp: 844669
client-protocol: quic
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 35005
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 84 KB
84 KB 16ms
15ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b119a7aad6573d63c667d454b59ce53e9aba976158685ff308c87edbe51d6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35005
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058306
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 12867821
x-walltime-ms: 1641219406037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 12867821
expires: Mon, 03 Jan 2022 14:16:46 GMT
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1492570
x-head-seqnum: 35005
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 56 KB
0 877ms
876ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35006
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058318
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 12867821
x-walltime-ms: 1641219406909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 12867821
expires: Mon, 03 Jan 2022 14:16:46 GMT
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70011
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1492570
x-head-seqnum: 35006
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70011767
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback Show response
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 43 KB
43 KB 42ms
42ms XHR
audio/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35005&rn=9&rbuf=5891

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cf5682357c8b76dd2055a3c30cb2d7259279da1db4163d7dbec356916cde0c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35005
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058300
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 12867821
x-walltime-ms: 1641219406076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 12867821
expires: Mon, 03 Jan 2022 14:16:46 GMT
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70009
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1375909
x-head-seqnum: 35005
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70009767
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 13 KB
0 862ms
862ms XHR
audio/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35006&rn=10&rbuf=7891

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-sequence-num: 35006
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
x-segment-lmt: 1641149394058308
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 12867821
x-walltime-ms: 1641219406897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 12867821
expires: Mon, 03 Jan 2022 14:16:46 GMT
last-modified: Sun, 02 Jan 2022 18:49:54 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 70011
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1375909
x-head-seqnum: 35006
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 70011767
x-bandwidth-est-app-limited: false
client-protocol: quic

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 7F73 28 B
54 B 23ms
23ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20211215.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiRmh6ZkZQS29hUSjNisyOBg%3D%3D
X-YouTube-Ad-Signals: dt=1641219405656&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 03 Jan 2022 14:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:46 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame 7F73 0
17 B 17ms
16ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=8lRMER_M2ub8cyfn&ver=2&cmt=46800.153&fmt=134&fs=0&rt=0.382&euri=https%3A%2F%2Fwww.google.com%2F&lact=404&live=live&cl=417053486&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211215.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=5&hl=de_DE&cr=DE&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24102119%2C24129402%2C24141079%2C24146886&rtn=7&afmt=140&lio=1641172598.625&size=1%3A1&inview=0&muted=1&docid=dv0rhR0J8RE&ei=TQXTYfi7LrTNx_AP-ZytmAE&plid=AAXUriuuRqMAv-GU&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdBdXpwNkFxV0stNE5Mb0VfUEJWX05YaUtOSElNdTExQ1hoR3JZSjI5bnJwQWJLQVBta0tESVdhNkJSSlR0clZ6M2hmcjB5LUZkaFFWeDVoNGRhQ0lCNExJRU1GX0RIcE9VbVBZaGIyVDUwd3pPclVtWlJJam9nVVBZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame 7F73 0
19 B 16ms
15ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=dv0rhR0J8RE&cpn=8lRMER_M2ub8cyfn&ei=TQXTYfi7LrTNx_AP-ZytmAE&ptk=youtube_none&pltype=contentugclive

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jan 2022 14:16:46 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame 5904 2 B
228 B 20ms
20ms XHR
application/json 2a02:128:7:4777::1
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14&type=view&g_referer=https://www.ilovexs.com
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4777::1 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 14:16:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET videoplayback
rr2---sn-4g5edn6r.googlevideo.com/ Frame 7F73 0
0

POST
H3 200 heartbeat Show response
www.youtube.com/youtubei/v1/player/ Frame 7F73 3 KB
828 B 23ms
23ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player/heartbeat?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8da38e9a/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c8007a6b067f42151ec56f0808adb67a225f68e466902db9f5ec4ce87c7ee1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dv0rhR0J8RE?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20211215.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiRmh6ZkZQS29hUSjNisyOBg%3D%3D
X-YouTube-Ad-Signals: dt=1641219405656&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 03 Jan 2022 14:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 804
x-xss-protection: 0
expires: Mon, 03 Jan 2022 14:16:47 GMT

GET
H2 204 / Show response
vs.javcosplay.com/pvt/ Frame 5904 0
237 B 72ms
20ms XHR
text/plain 2a02:128:7:4727::3

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.javcosplay.com/pvt/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fdv0rhR0J8RE%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0200&oid=1252833&sp=0.042350&spp=1000&se=impression&vi=dv0rhR0J8RE&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&utm1=tcb&utm2=746092832-1&utm3=195-21720-0&utm4=0-9038111-14&k=loTq2AeesHbyAMiHBKMQCV0AvwQKNA&g_referer=https://www.ilovexs.com
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4727::3 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jan 2022 14:16:51 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: Content-Length,Content-Range

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: syndication.realsrv.com
URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4214752&type=300x250&p=https%3A//www.ilovexs.com/&dt=1641219403573&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22

Domain: static.bookmsg.com
URL: https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2.webp

Domain: static.bookmsg.com
URL: https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp

Domain: rr2---sn-4g5edn6r.googlevideo.com
URL: https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C298%2C299&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhALeJL6HXxYITwdxhZC7hw-wIW2VrLpOXhF9UVxlwM39qAiB9Z5XydvtuhRvKbtYfyOFr5DQINgdUtqcCUcz7tmc8dg%3D%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35007&rn=11&rbuf=9159

Domain: rr2---sn-4g5edn6r.googlevideo.com
URL: https://rr2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1641241005&ei=TQXTYfi7LrTNx_AP-ZytmAE&ip=2001%3Aac8%3A36%3A6%3A207%3A%3A1&id=dv0rhR0J8RE.1&itag=140&source=yt_live_broadcast&requiressl=yes&hcs=ir%2C&mh=0A&mm=44%2C29&mn=sn-4g5edn6r%2Csn-4g5e6nzl&ms=lva%2Crdu&mv=m&mvi=2&pl=48&rmhost=rr3---sn-4g5edn6r.googlevideo.com%2C&initcwndbps=381250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ndlOjLv0SctrzL4WTLZrmK4G&gir=yes&mt=1641218918&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=OzswQpLk_qbWMw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhALCBmRQkLo63o2TjckmHxXAdXOQ7Pk7paJfkbiON7NtMAiEA4jYx0IYB_oO7TcB7iZn2uj5vef1u35U5uSx-UtmkBTM%3D&lsparams=hcs%2Cmh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Crmhost%2Cinitcwndbps&lsig=AG3C_xAwRAIgMtGLc7TqlxReS1yWyWu5AbTY69cF__lrIa3YR8xWyYQCIB5vv9_YFeU4yfZW-2_02b-V52KmlYFaibtXOOAQEC5Z&alr=yes&cpn=8lRMER_M2ub8cyfn&cver=1.20211215.00.01&sq=35007&rn=12&rbuf=9201

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ilovexs.com/	1970-01-20 17:24:51	Name: _ga_L06WTLD73Y Value: GS1.1.1641219402.1.0.1641219402.0
.ilovexs.com/	1970-01-20 17:24:51	Name: _ga Value: GA1.1.1681522487.1641219402
.realsrv.com/	1970-01-20 17:24:51	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2261d3054b95e4f7.941602083190079473%22%3B%7D
tcimp.zog.link/	1970-01-19 23:55:05	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-19 23:55:05	Name: 1816.1252833 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: jQVeWIo7UI8
.youtube.com/	1970-01-20 04:12:51	Name: VISITOR_INFO1_LIVE Value: bFhzfFPKoaQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2_icon.webp Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://static.bookmsg.com/creatives/DE/DE_147f3c21306505f61a7439bc9ada72f6770c3ef2.webp Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
3b927b608b.583d46135c.com
a.realsrv.com
cst.cstwpush.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.cabnnr.com
js.natsdk.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
lh3.googleusercontent.com
na.nawpush.com
nereserv.com
nezumi.my.id
niwatori.my.id
notification.tubecup.net
ntvpinp.com
raion.my.id
rr2---sn-4g5edn6r.googlevideo.com
rtbbnr.com
s3t3d2y7.ackcdn.net
static.bookmsg.com
static.doubleclick.net
stream.bantgoau.com
syndication.realsrv.com
tb.baimgfroggd.site
tcimp.zog.link
tokage.my.id
vs.bantgoau.com
vs.javcosplay.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.ilovexs.com
www.youtube.com
yt3.ggpht.com
rr2---sn-4g5edn6r.googlevideo.com
static.bookmsg.com
syndication.realsrv.com
168.119.25.22
2001:4de0:ac19::1:b:1b
2606:4700:3030::ac43:8601
2606:4700:3033::6815:3ad8
2606:4700:3033::6815:3d17
2606:4700:3033::6815:4066
2606:4700:3033::ac43:b8ea
2606:4700:3035::6815:5c33
2a00:1450:4001:801::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:4001:e::7
2a01:4f8:c0:33d8::1
2a01:4f8:e0:19cb::1
2a02:128:7:4727::3
2a02:128:7:4777::1
2a02:128:7:5241::2
2a02:128:7:5242::2
2a02:3d0:623:a000::8
45.133.44.24
45.133.44.25
88.198.204.168
95.211.229.248
03e3b6f53d85749630338e31dc03bc82bb0041ea401a991e6a8683c0cbb79e15
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b
072ab8ad67cc64e1f073368fa0b933847922345a2d23dc7cd5db69094feb9338
0811ce888146e9dbb84af9ed5f451f482d1aa04f450c2fd2bbb3a69097a5dc8d
0994c6adad54327ded3f78fc8cd15e25709ee6799c2466b4fa760b41ace0c7d1
0b119a7aad6573d63c667d454b59ce53e9aba976158685ff308c87edbe51d6ae
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906
1f30668d168a961d3bd50f90e1fb2d2f5509727f6c031f8ae505a91390ce4a17
2019a6c92b31b74f7845370e529079d56dbe5c108a658e979e66acafb37ab5fb
20430c9122d7657f372038901643442dcf417536f0ebc2eb82e4fcde4132c501
204f53ed9323e6e0c6ea23932a312b21638a0ee8525799261f76d06763998b5e
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
334cc3c08c0a394a62c65ceb78f997df7f3e660ddeeadf82544759c228cb896a
3535d804b97ae8c2b9724e2f67feaf0a924a63459acf8a4e604820048cfe8245
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3b4ab8092d8d17e37d5fb0dda73ef8a830a851a03cdf9b7c7c03b64c656d09d3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
3f59207cc7554d3911efb7a4556a64376baf18e519b0d233cfd41c0704e1c309
4177a37ba326ef0d2c1fd93de5d6f069bf403c190f35f027bdb35f09120dd077
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
4485344fca7090513e73c436fdf19da7ac01d1a9a452619e1e61df70d80a1cfe
4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d
47b36a4486f7041dbc93cbc888c62d906fc386128de696b8b2418ad7d53501ed
4bf776dcba719ad2844f2367c37876747d5a1ee47d4020d7188f0199797feeec
4cbc4d45480053fdaacb8b61331ed2c2117a92b380edde10a1baa4f5d9553eb2
4f91a8a3fac0e4eca09ccbbab0309056c505ac353c39a756b0a40f124629166a
4fa7d3d3cccc77291b02cd052ba237de9fbdceb528c938f179ad3af0cd03c201
503df480dce721897f3ea512b5d4c829451b175cebed5ff0e519327f39cb62dd
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
52b2060d6bff719b4b0be496d1e8132f221dfca1c7f6d2d9f4ee54f2d6b46f63
5752cdcff8bac255ff1a7f2cf0fc68cba9240d2a468d6a0fca0b707ad5e7ea1f
5d368d3e7491cb263ef757e719226c947c61d81fde2350c4923bd4f59faff273
5facd1518a0a9ce183c27747ce703e3912cce718e7dcfd3051e46ec6de135910
6182db5be8c1693fdcbdb10ae20fd9098ecf42cecd38e06c406ac08a824eb713
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
65553a47ab55f19ce4a0904c68bedf01041202ffdffc0d5b435810fb0646a645
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ae681d3a53af8c6c9ea5d3c2b485a684b9c18b1e82ee6282ffb69c5e110b297
6aee5c312b941cf8a2d5f20872d8bd2c578bf878a891a306e33e1236696b5241
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6d4a5a8296ca52691fde29abc2b8cd81c06ce8717a4b703ef1221bcd01e1d8dc
6d85f2227d76f98e2980a6e3f5c6d22e7ba9a6e89d681c5be9d92604395ba7ad
6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08
6e262b9535c4651d95e5be52d104b59638b22bbf6a6e0d372baee1e227ecdd1e
6f39eb4f08d4124b429c13828d289f2b4b6bb3badde2ddd23f7464944b301f8d
7130091bbbc747647776be3e95e87831965643e41a5e0362da0651cb24487b09
71f131980d99a7cc28d60391193165954279b9baebbfde79840227bbb4924adf
71f4a6b13f5d5b9c56c3c3e769b5914c7e5738b295477d9c42caa75101a1ec06
7346d39f770d0e098cc8771c0a3d6509972e48b60b0bdd30be6259b591776298
768075d51aca5301283da7d19e342b14d7b26ae4bc758e34ba718f72259d522e
7bcb20d9b2fbebbd79043843cd7f41f08afcf27f2d110f3415c9c67be39d4cb4
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
89b6b338b14874cc910edc44bac77b895acac4af34996876fbee5c2e10e3e2ab
89c99b26d304a045144ce981b01813d109de8df8808dcbd14fde95c3efdf1024
8bd07a2b3c99f8e9bb0bd0d18451ac18b566da5a16a9d93ed5d2df56800a3beb
8d10d83d7e75374b6257d6524971ea17e83a232342b8dad9d357c2df14d41869
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
94f575abdb5c45476f9c2b62bbe06fbfacce9d25e95796ffcd07680bd7c6c0bb
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9c746125f5b1446cf0d5338f62538890eb0adbee590b3f62dbd33eca01924131
9ca185fed52b6af350217cbc26b4f18e7beca958d9b659ba14383f2a7959ac1c
9cf721f027b07e888722d6e7d1b0e356d7eda3652728fa85ad8c95cf6e09ef47
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a3ccfb51f4547f5927aacb3dc8cdbc1bf21b87e6decaf9e215405c6e1c9aab62
a88e35d36613dc3ec47d4374c2a5e11e5bb19d6786a7edd8e4ef05899bebd82a
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
ab54909b000df1d3c74b7ef4e3af1f3369b317e90d9e87bdf7de0aa77cbb4af0
ad5c058a7c9b97cbc35da4f3c2fd1e2ea6f2e91a3be7c816c55139798710098f
b0496ff7b5e02ba5dcf004405c2b4eba9e66d7a89002346aa17ea3c1b4311806
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
b6a0024873ec305b424a299a4c17e869324d178a905d6e36ad76c332d9e9aa76
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c
bb8fd75b4bfdfe66efe86f2f9ec8d304e443307eedd633f47ae68bffffd86749
bc4c7e80396ebb84d402c2fbfceb26365eb52f5ee17f75637aa86ae80cb40a93
c71d5ee5062c78a1db5f09e83aae801f61f58843e0c67efc4a8719249cf10c2d
c8007a6b067f42151ec56f0808adb67a225f68e466902db9f5ec4ce87c7ee1de
c91a28c30f3008cc4448f575c060dd33b7fa4cf96bee906cefdef6903fc75b2a
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e
ca65f0a074adaf42dc360142ac1db0dfac430072c7b47f08d43e1b22c3d538f7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf5682357c8b76dd2055a3c30cb2d7259279da1db4163d7dbec356916cde0c13
d30cff157018c1a44b2f9f4328429133294027545e642a6e06dcefd28e5ad236
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc46f48ae4e866017e25f4fcf28f7d4ad57ac8253296736742be0140a2c09c51
dd05c9a1d48f057b0e10c4cb45f8a1285dd37afbf3db3214450d132465bee87e
dd881afc57f63763e11e2e34a33b7a1bbf14b506271822337bbe10fba5fed43d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def18b47bfd16f80c02cd967ecfc4617f995d3c5dee360ec0dc875d598a85662
e0b5a4c5a222720eb46c0effe46b2ed52f24f427d99227445011150b4b4b70db
e14500240450bdab78c4481b2057686d9bdae51b513e359918d17ecb673060a6
e30cb35fc6319e0ee5c12b6d21633c665cfc4158dbbfaf80793bcb02ef4cb65d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f72453d2dbf2ebebb93b6120b94e6f0a2782ec8a9568498a67c5edb3ba9a68
ebc888354308b2a07f593829eb0133c0c24190c70a59235f9ec8373a799270f3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee522b462a82f43afc15d755add95e4fc6288bc7b7735e77b13b91e0916a7bbf
ee5c1852f7ec119e29525bf443956b5206d52ae9aa74fe74aec845532fc0525c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738
f169879cd23fb38c8c8889585315dbdc068a48394d2f41071efd9c6c12cf282c
f1db7670fd96ee8f163c77e7e3a574be9f51ecabe6a02073f5f0659ea2446b01
f2c796dc1175da38a31c0a3f8743974c90e5e5cb04dde429586e062df54e3ea5
f532d437985e8776751c63a3ded6d2389279516cf3e5dd951a970cf4b6ffe25e
f7450d9cf728fca20a91f63e5553d7f5963dc846a82b871de02d289d53c65972
f91ad79eb9b023bad085a64d6fb3ce4ee6c51afd67f2ff1b916eaea0fe9a0615
fa3704813ef9910e5e3982fba452fde824419bec89417180a966c37b44f698a9
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
fbbd872c21488971dddcdb7e93278dfc6944c42f90cfa79147575c45a9bd4910
fc328eeaf800bfc497c691f3d92a67891dc61368e72111f0c1a02c7fe37d702b

www.ilovexs.com Open in urlscan Pro 2606:4700:3030::ac43:8601 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

95 %HTTPS

83 %IPv6

34 Domains

39 Subdomains

28 IPs

4 Countries

5844 kBTransfer

9568 kBSize

7 Cookies

0 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ilovexs.com Open in urlscan Pro
2606:4700:3030::ac43:8601 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

95 %
HTTPS

83 %
IPv6

34
Domains

39
Subdomains

28
IPs

4
Countries

5844 kB
Transfer

9568 kB
Size

7
Cookies

116 HTTP transactions
20 data transactions