URL: https://mdk.pix.nsfera.pl/
Submission: On March 14 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 50 HTTP transactions. The main IP is 31.186.86.189, located in Radom, Poland and belongs to ECO-ATMAN-PL ECO-ATMAN-, PL. The main domain is mdk.pix.nsfera.pl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 11th 2024. Valid for: 3 months.
This is the only time mdk.pix.nsfera.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 nsfera.pl
mdk.pix.nsfera.pl
475 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 78
1013 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
4 googleapis.com
fonts.googleapis.com Failed
jnn-pa.googleapis.com — Cisco Umbrella Rank: 239
41 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
static.doubleclick.net — Cisco Umbrella Rank: 282
1 KB
2 erzeszow.pl
mdk.erzeszow.pl
www.mdk.erzeszow.pl
5 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 261
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 98
123 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
50 9
Domain Requested by
26 mdk.pix.nsfera.pl mdk.pix.nsfera.pl
8 www.youtube.com mdk.pix.nsfera.pl
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.mdk.erzeszow.pl mdk.pix.nsfera.pl
1 mdk.erzeszow.pl 1 redirects
0 fonts.googleapis.com Failed mdk.pix.nsfera.pl
50 13

This site contains links to these domains. Also see Links.

Domain
wdk.podkarpackie.pl
sgpix.pl
www.wordpress.org
Subject Issuer Validity Valid
mdk.pix.nsfera.pl
cPanel, Inc. Certification Authority
2024-03-11 -
2024-06-09
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
edgestatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://mdk.pix.nsfera.pl/
Frame ID: 321E2B5CA43C969C7E3D985406EC9FF0
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Frame ID: 96630FA5C38E6EC08DCBF27D4AFDB60C
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Strona archiwalna Pracowni Fotograficznej Dominiki Mróz-Toton | Młodzieżowy Dom Kultury w Rzeszowie

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

92 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

13
IPs

2
Countries

1728 kB
Transfer

4513 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png HTTP 301
  • https://www.mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png
Request Chain 37
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mdk.pix.nsfera.pl/
52 KB
15 KB
Document
General
Full URL
https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed / PHP/7.4.33
Resource Hash
667c82cc596eb80b030dbca5e051ce07d941b56857f39db8638750647576b4cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 16:04:40 GMT
link
<https://mdk.pix.nsfera.pl/wp-json/>; rel="https://api.w.org/"
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.min.css
mdk.pix.nsfera.pl/wp-includes/css/dist/block-library/
108 KB
13 KB
Stylesheet
General
Full URL
https://mdk.pix.nsfera.pl/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 22:05:10 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13600
expires
Thu, 21 Mar 2024 16:04:40 GMT
style.css
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/
47 KB
9 KB
Stylesheet
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
ebaec4fd3fd86ff376b424973ee06cfab77724ce90c0e105306390002943cd4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 20:08:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8975
expires
Thu, 21 Mar 2024 16:04:40 GMT
jquery.min.js
mdk.pix.nsfera.pl/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 22:05:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29744
expires
Thu, 21 Mar 2024 16:04:40 GMT
jquery-migrate.min.js
mdk.pix.nsfera.pl/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 22:05:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4678
expires
Thu, 21 Mar 2024 16:04:40 GMT
diana.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/headers/
123 KB
123 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/headers/diana.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
f08c1faaa6ebe3433d125db7c29a351d2a27bd03562a1e7c14b355dabf1ead28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:09:00 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
126002
expires
Thu, 21 Mar 2024 16:04:40 GMT
css
fonts.googleapis.com/
0
0

aleksandra-rulka-decydujacy-moment-2018_001-768x576.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2018/05/
107 KB
107 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2018/05/aleksandra-rulka-decydujacy-moment-2018_001-768x576.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
3d7f9ebba9bcb6740cd0395e6290402137c297205a2fa6e6e335f985f36a40b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 21:36:43 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
109489
expires
Thu, 21 Mar 2024 16:04:40 GMT
kartka-swiateczna-2017-731x1024.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2017/12/
54 KB
54 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2017/12/kartka-swiateczna-2017-731x1024.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
cd526bc49309b9814d56c6c2bb01bc8c8e49d5041511b05222ee6c9e7aa5302e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 21:36:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
55663
expires
Thu, 21 Mar 2024 16:04:40 GMT
07d22865-8e76-4b83-9687-9339c97ff05b
https://mdk.pix.nsfera.pl/
1 KB
0
Other
General
Full URL
blob:https://mdk.pix.nsfera.pl/07d22865-8e76-4b83-9687-9339c97ff05b
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
cameraicon.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
2 KB
2 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/cameraicon.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
790fe23b2c5c6d40caa1b216c4d796b3328a08a91fea8bd3326babc4b41443a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:44 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1627
expires
Thu, 21 Mar 2024 16:04:40 GMT
copyright.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
2 KB
2 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/copyright.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
15e8ec85fed8a62886852568960b2f087b2b83674a1de2516c66e02747c61df5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:47 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1676
expires
Thu, 21 Mar 2024 16:04:40 GMT
wordpresslogo.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
2 KB
2 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/wordpresslogo.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
76c26ac7549626213379acf9834f224103565a93a16d155b314708d09ded96b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:55 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2495
expires
Thu, 21 Mar 2024 16:04:40 GMT
styles.css
mdk.pix.nsfera.pl/wp-content/plugins/gallereo/css/
4 KB
990 B
Stylesheet
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/plugins/gallereo/css/styles.css?ver=1.0.0.29
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
5bdf8a47316874a03aff8e95fbbfbc2b8dba2699ad59446a84175f0e174a6f7a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 20:04:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
945
expires
Thu, 21 Mar 2024 16:04:40 GMT
small-menu.js
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/js/
996 B
359 B
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/js/small-menu.js?ver=20120206
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
2ee4fe8ded068d1e6767402ade86ebae94a1bf8c81d9fd4a0487dc919a5c5454

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 20:09:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
302
expires
Thu, 21 Mar 2024 16:04:40 GMT
lazyload.js
mdk.pix.nsfera.pl/wp-content/plugins/gallereo/js/
3 KB
1 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/plugins/gallereo/js/lazyload.js?ver=1.8.4
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
31b3b78bc2b6a998136611443fc864ca89282b6bc17a8b78944a20264c621401

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 20:04:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1019
expires
Thu, 21 Mar 2024 16:04:40 GMT
scripts.js
mdk.pix.nsfera.pl/wp-content/plugins/gallereo/js/
5 KB
2 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/plugins/gallereo/js/scripts.js?ver=1.0.0.29
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
c2e6baa345850b0f420ec4da79745fba81fe288e0851b7f4c9006506717399c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 20:04:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1896
expires
Thu, 21 Mar 2024 16:04:40 GMT
float.js
mdk.pix.nsfera.pl/wp-content/plugins/gtranslate/js/
22 KB
6 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/plugins/gtranslate/js/float.js?ver=6.4.3
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 22:42:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6287
expires
Thu, 21 Mar 2024 16:04:40 GMT
UNGOKD_AJdw
www.youtube.com/embed/ Frame 9663
90 KB
39 KB
Document
General
Full URL
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
ESF /
Resource Hash
3674f7ccf1d9e887fc14dc5afce762e1badb55e737bf5be3329fc9b0bd5c6e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mdk.pix.nsfera.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 16:04:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
background-light.png
www.mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/
Redirect Chain
  • https://mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png
  • https://www.mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png
4 KB
5 KB
Image
General
Full URL
https://www.mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
HTTP/1.1
Server
84.38.160.179 Rzeszów, Poland, ASN8834 (RESMAN, PL),
Reverse DNS
ip-84.38.160.179.resman.pl
Software
Apache /
Resource Hash
aaf6374d3a2abe6a793e303d446be8a64898094e44d59319afe60907b9387263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 16:04:43 GMT
Last-Modified
Mon, 16 Sep 2013 20:53:53 GMT
Server
Apache
ETag
"1141-4e68666e2fa40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4417

Redirect headers

Location
https://www.mdk.erzeszow.pl/wp-content/themes/vintage-camera/img/background-light.png
Date
Thu, 14 Mar 2024 16:04:42 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
293
Content-Type
text/html; charset=iso-8859-1
divider_1x.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
662 B
682 B
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/divider_1x.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
ebaae77a4a46246c5eed584be4ba997969f169a8900c6e72f83a29ccb239ff7b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:47 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
662
expires
Thu, 21 Mar 2024 16:04:40 GMT
ribbon-left_1x.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
291 B
333 B
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/ribbon-left_1x.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
fc4a4233590dc353a273cd6cbfceec9067edcd05ac13fff8510074b250c37276

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:52 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
291
expires
Thu, 21 Mar 2024 16:04:40 GMT
ribbon-right_1x.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
287 B
330 B
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/ribbon-right_1x.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
470d147c2f4982747f79823682572894485a6fe49c15bde8dd0e1d31d364bf34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:53 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
287
expires
Thu, 21 Mar 2024 16:04:40 GMT
cat_1x.png
mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/
323 B
366 B
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/img/cat_1x.png
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
b393339aa6e12c915af50abbbd20f40b3d5be854a329e2f5bb68b840fe9a2862

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/wp-content/themes/vintage-camera/style.css?ver=6.4.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 20:08:45 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
323
expires
Thu, 21 Mar 2024 16:04:40 GMT
karilina-przybos_konkurs_001-1.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2017/09/
52 KB
52 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2017/09/karilina-przybos_konkurs_001-1.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
4dad19bb0a4ac3eb55c8f38829de682e1432b5e92a8e49f1f472f542e4a6535f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:40 GMT
last-modified
Mon, 11 Mar 2024 21:36:11 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
53101
expires
Thu, 21 Mar 2024 16:04:40 GMT
pl.svg
mdk.pix.nsfera.pl/wp-content/plugins/gtranslate/flags/svg/
194 B
250 B
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/plugins/gtranslate/flags/svg/pl.svg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
ca69810c60aacd2e0d17005df7ea4a2318fafa7385b580e33cdfbdb16fc3e2f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:41 GMT
last-modified
Mon, 11 Mar 2024 22:42:02 GMT
server
LiteSpeed
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
194
expires
Thu, 21 Mar 2024 16:04:41 GMT
wp-emoji-release.min.js
mdk.pix.nsfera.pl/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://mdk.pix.nsfera.pl/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:41 GMT
content-encoding
br
last-modified
Mon, 11 Mar 2024 22:05:09 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4651
expires
Thu, 21 Mar 2024 16:04:41 GMT
truncated
/
270 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
karolina-przybos-ego_03-213x320.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2017/11/
21 KB
21 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2017/11/karolina-przybos-ego_03-213x320.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
52b546fad0e94f4d6d17c4cfc5c13415e0dd67506dd01b6c8a1e7776837569df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:41 GMT
last-modified
Mon, 11 Mar 2024 21:36:28 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21879
expires
Thu, 21 Mar 2024 16:04:41 GMT
karolina-przybos-ego_02-213x320.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2017/11/
12 KB
12 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2017/11/karolina-przybos-ego_02-213x320.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
87c17f5afb1a2304bcc1d634a89cf66cf69eec4fcee78fa05b8273706dded594

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:41 GMT
last-modified
Mon, 11 Mar 2024 21:36:25 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12357
expires
Thu, 21 Mar 2024 16:04:41 GMT
karolina-przybos-ego_01-213x320.jpg
mdk.pix.nsfera.pl/wp-content/uploads/2017/11/
11 KB
11 KB
Image
General
Full URL
https://mdk.pix.nsfera.pl/wp-content/uploads/2017/11/karolina-przybos-ego_01-213x320.jpg
Requested by
Host: mdk.pix.nsfera.pl
URL: https://mdk.pix.nsfera.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.186.86.189 Radom, Poland, ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL),
Reverse DNS
cl2.netmark.pl
Software
LiteSpeed /
Resource Hash
29daaa255d53e7716bcd30100d4f1aadbdfabc20acb16b9d928cab2c121b5d39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdk.pix.nsfera.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:41 GMT
last-modified
Mon, 11 Mar 2024 21:36:22 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10763
expires
Thu, 21 Mar 2024 16:04:41 GMT
www-player.css
www.youtube.com/s/player/e04b3b4c/ Frame 9663
370 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/e04b3b4c/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
a916274699a9e36596e58e42337e553005153e169ab1418c620a5771c7a4f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:51:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47959
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 04:20:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Mar 2025 15:51:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9663
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 09:09:10 GMT
x-content-type-options
nosniff
age
111331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 09:09:10 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9663
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:54:28 GMT
x-content-type-options
nosniff
age
69013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:54:28 GMT
embed.js
www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/ Frame 9663
57 KB
18 KB
Script
General
Full URL
https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
5e0463f90ea7f345b6c1c8c03d1722436429899eed3bfe7dbc3e9bc357aa237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:59:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17996
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 04:20:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Mar 2025 15:59:43 GMT
www-embed-player.js
www.youtube.com/s/player/e04b3b4c/www-embed-player.vflset/ Frame 9663
320 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/e04b3b4c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
f21c22963092f299414dd54347d8ddf003179242f53b9ad3215a3980e2b1bbe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97638
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 04:20:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Mar 2025 15:57:20 GMT
base.js
www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/ Frame 9663
2 MB
781 KB
Script
General
Full URL
https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
32e8ac9e08e0641244e64b9c7b54860c72feb9a6838ae9f48056bb9bd1efade0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 15:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798930
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 04:20:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Mar 2025 15:55:13 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 9663
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Server
2607:f8b0:4004:c08::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02811a1f45e9c5e9c6242670fa46658a414c9451e8883109215c55dcf3652725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 14 Mar 2024 16:04:41 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 9663
29 B
494 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:02:20 GMT
x-content-type-options
nosniff
age
141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Mar 2024 16:17:20 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 14 Mar 2024 16:04:41 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9663
87 KB
41 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b591f57808920129c6499a1026da8a13d3ed99b61c891b41a2c134588de02f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41614
x-xss-protection
0
remote.js
www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/ Frame 9663
117 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
sffe /
Resource Hash
beb6d4e50d759b46215ceab12104caa63a7e1db29f05dc306b6b52c29ce095b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33771
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 04:20:12 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 14 Mar 2025 16:01:15 GMT
eKoYoTZeWyOvXhp0A93-wqJyHZ2R82AeO30zld14Z3M.js
www.google.com/js/th/ Frame 9663
51 KB
20 KB
Script
General
Full URL
https://www.google.com/js/th/eKoYoTZeWyOvXhp0A93-wqJyHZ2R82AeO30zld14Z3M.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78aa18a1365e5b23af5e1a7403ddfec2a2721d9d91f3601e3b7d3395dd786773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 05:52:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
36725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20316
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Mar 2025 05:52:36 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/UNGOKD_AJdw/ Frame 9663
123 KB
123 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/UNGOKD_AJdw/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::77 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1037d3c6c1a100cff53658fdb45c891e1e64ae2629fd9c0e49c67263765e7512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
x-content-type-options
nosniff
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125478
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Mar 2024 18:04:42 GMT
truncated
/ Frame 9663
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
AIdro_nX0P90USVbxpV3eakiSJDeKGoxYIQ2e0Xbeukt=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9663
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AIdro_nX0P90USVbxpV3eakiSJDeKGoxYIQ2e0Xbeukt=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d46990a12706f1c5d46453425bcb59c5625ac459b4348e9b88e2f192d9036a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
x-content-type-options
nosniff
server
fife
etag
"v4e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2211
x-xss-protection
0
expires
Fri, 15 Mar 2024 16:04:42 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9663
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 16:04:42 GMT
generate_204
www.youtube.com/ Frame 9663
0
40 B
Image
General
Full URL
https://www.youtube.com/generate_204?J2vh3g
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.136 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f136.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 14 Mar 2024 16:04:42 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9663
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b59997c2282c17a1b8438a14c56e07e425af5d76895dbd6a8090362185107bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 14 Mar 2024 16:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/122/ Frame 9663
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/122/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 16:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14711
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 16:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 15 Mar 2024 16:04:39 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 9663
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e04b3b4c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::be Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-Goog-Request-Time
1710432283965
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UNGOKD_AJdw?feature=oembed
X-YouTube-Client-Version
1.20240311.01.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
CgtjTGtrbGRjSVJDTSiZwMyvBjIKCgJVUxIEGgAgWA%3D%3D
X-YouTube-Ad-Signals
dt=1710432281390&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C740%2C416&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 14 Mar 2024 16:04:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Sansita+One%7CTrochut%3A400%2C700%2C400italic%7CAlegreya%3A400italic%2C700italic%2C900italic%2C400%2C700%2C900&subset=latin%2Clatin-ext&ver=6.4.3

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings undefined| $ function| jQuery object| CGMPGlobal object| gallereo object| gtranslateSettings function| doGTranslate function| googleTranslateElementInit2 object| twemoji object| wp

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: pu8pbXLN82U
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cLkkldcIRCM
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgWA%3D%3D

25 Console Messages

Source Level URL
Text
security error URL: https://mdk.pix.nsfera.pl/(Line 49)
Message:
Mixed Content: The page at 'https://mdk.pix.nsfera.pl/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Sansita+One%7CTrochut%3A400%2C700%2C400italic%7CAlegreya%3A400italic%2C700italic%2C900italic%2C400%2C700%2C900&subset=latin%2Clatin-ext&ver=6.4.3'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mdk.pix.nsfera.pl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mdk.erzeszow.pl
mdk.pix.nsfera.pl
static.doubleclick.net
www.google.com
www.gstatic.com
www.mdk.erzeszow.pl
www.youtube.com
yt3.ggpht.com
fonts.googleapis.com
142.251.163.136
142.251.167.94
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c06::93
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c0b::77
2607:f8b0:4004:c17::94
2607:f8b0:4004:c17::be
31.186.86.189
84.38.160.179
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02811a1f45e9c5e9c6242670fa46658a414c9451e8883109215c55dcf3652725
1037d3c6c1a100cff53658fdb45c891e1e64ae2629fd9c0e49c67263765e7512
15e8ec85fed8a62886852568960b2f087b2b83674a1de2516c66e02747c61df5
29daaa255d53e7716bcd30100d4f1aadbdfabc20acb16b9d928cab2c121b5d39
2ee4fe8ded068d1e6767402ade86ebae94a1bf8c81d9fd4a0487dc919a5c5454
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
31b3b78bc2b6a998136611443fc864ca89282b6bc17a8b78944a20264c621401
32e8ac9e08e0641244e64b9c7b54860c72feb9a6838ae9f48056bb9bd1efade0
3674f7ccf1d9e887fc14dc5afce762e1badb55e737bf5be3329fc9b0bd5c6e7e
3d7f9ebba9bcb6740cd0395e6290402137c297205a2fa6e6e335f985f36a40b0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
470d147c2f4982747f79823682572894485a6fe49c15bde8dd0e1d31d364bf34
4dad19bb0a4ac3eb55c8f38829de682e1432b5e92a8e49f1f472f542e4a6535f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52b546fad0e94f4d6d17c4cfc5c13415e0dd67506dd01b6c8a1e7776837569df
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bdf8a47316874a03aff8e95fbbfbc2b8dba2699ad59446a84175f0e174a6f7a
5e0463f90ea7f345b6c1c8c03d1722436429899eed3bfe7dbc3e9bc357aa237a
667c82cc596eb80b030dbca5e051ce07d941b56857f39db8638750647576b4cd
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
76c26ac7549626213379acf9834f224103565a93a16d155b314708d09ded96b5
78aa18a1365e5b23af5e1a7403ddfec2a2721d9d91f3601e3b7d3395dd786773
790fe23b2c5c6d40caa1b216c4d796b3328a08a91fea8bd3326babc4b41443a1
87c17f5afb1a2304bcc1d634a89cf66cf69eec4fcee78fa05b8273706dded594
9b591f57808920129c6499a1026da8a13d3ed99b61c891b41a2c134588de02f1
a916274699a9e36596e58e42337e553005153e169ab1418c620a5771c7a4f478
aaf6374d3a2abe6a793e303d446be8a64898094e44d59319afe60907b9387263
b393339aa6e12c915af50abbbd20f40b3d5be854a329e2f5bb68b840fe9a2862
b59997c2282c17a1b8438a14c56e07e425af5d76895dbd6a8090362185107bdc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beb6d4e50d759b46215ceab12104caa63a7e1db29f05dc306b6b52c29ce095b7
c2e6baa345850b0f420ec4da79745fba81fe288e0851b7f4c9006506717399c2
ca69810c60aacd2e0d17005df7ea4a2318fafa7385b580e33cdfbdb16fc3e2f1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd526bc49309b9814d56c6c2bb01bc8c8e49d5041511b05222ee6c9e7aa5302e
d46990a12706f1c5d46453425bcb59c5625ac459b4348e9b88e2f192d9036a83
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b82cf334e70a450ecf59d4d92355d1cb408b1a95f028decb50c597ac53e42d
ebaae77a4a46246c5eed584be4ba997969f169a8900c6e72f83a29ccb239ff7b
ebaec4fd3fd86ff376b424973ee06cfab77724ce90c0e105306390002943cd4b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f08c1faaa6ebe3433d125db7c29a351d2a27bd03562a1e7c14b355dabf1ead28
f21c22963092f299414dd54347d8ddf003179242f53b9ad3215a3980e2b1bbe1
fc4a4233590dc353a273cd6cbfceec9067edcd05ac13fff8510074b250c37276