gua.media Open in urlscan Pro
54.241.229.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gua.media/post/44079
Effective URL:
https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4...
Submission: On December 09 via api (December 9th 2021, 7:07:24 am UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 36 IPs in 3 countries across 23 domains to perform 149 HTTP transactions. The main IP is 54.241.229.83, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is gua.media.
TLS certificate: Issued by Amazon on September 14th 2021. Valid for: a year.

This is the only time gua.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 38	54.241.229.83 54.241.229.83	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	52.219.116.249 52.219.116.249	16509 (AMAZON-02) (AMAZON-02)
5	192.0.66.32 192.0.66.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
3	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b4::16c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.137.27 35.244.137.27	15169 (GOOGLE) (GOOGLE)
14	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	35.224.142.165 35.224.142.165	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	35.209.67.224 35.209.67.224	19527 (GOOGLE-2) (GOOGLE-2)
2	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	35.244.172.227 35.244.172.227	15169 (GOOGLE) (GOOGLE)
4	34.250.37.38 34.250.37.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	34.117.216.134 34.117.216.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
6	2600:9000:215... 2600:9000:2156:c800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:c00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
14	34.149.83.205 34.149.83.205	15169 (GOOGLE) (GOOGLE)
149	36

38 54.241.229.83 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-229-83.us-west-1.compute.amazonaws.com

gua.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.116.249 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

gua-prod.s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.66.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

nypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b4::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.dailymail.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.137.27 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 27.137.244.35.bc.googleusercontent.com

images.chinatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

w3.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.224.142.165 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 165.142.224.35.bc.googleusercontent.com

access.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.209.67.224 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 224.67.209.35.bc.googleusercontent.com

tkx.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.25 (Playa Vista, United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.172.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.172.244.35.bc.googleusercontent.com

dcs-vod.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.250.37.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-37-38.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.216.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.216.117.34.bc.googleusercontent.com

m104216-ucdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

segment.psg.nexstardigital.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:c800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.149.83.205 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 205.83.149.34.bc.googleusercontent.com

m104216-gcdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	lura.live w3.mp.lura.live access.mp.lura.live tkx.mp.lura.live dcs-vod.mp.lura.live m104216-ucdn.mp.lura.live m104216-gcdn.mp.lura.live	4 MB
38	gua.media 1 redirects gua.media	1 MB
12	imrworldwide.com secure-us.imrworldwide.com cdn-gl.imrworldwide.com secure-dcr.imrworldwide.com aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com	135 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	259 KB
9	youtube.com www.youtube.com	709 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	12 KB
5	nypost.com nypost.com	1 MB
4	googleapis.com imasdk.googleapis.com	635 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	google.com adservice.google.com www.google.com	15 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	statically.io cdn.statically.io	125 KB
2	nexstardigital.net segment.psg.nexstardigital.net	43 KB
2	2mdn.net s0.2mdn.net	33 KB
2	google-analytics.com www.google-analytics.com	40 KB
1	ytimg.com i.ytimg.com	25 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	641 B
1	chinatimes.com images.chinatimes.com	122 KB
1	dailymail.co.uk i.dailymail.co.uk	42 KB
1	twimg.com pbs.twimg.com	381 KB
1	amazonaws.com gua-prod.s3-us-west-1.amazonaws.com	16 KB
149	23

	Domain	Requested by
38	gua.media	1 redirects gua.media
14	m104216-gcdn.mp.lura.live
14	w3.mp.lura.live	gua.media w3.mp.lura.live
10	pagead2.googlesyndication.com	gua.media pagead2.googlesyndication.com srcdoc tpc.googlesyndication.com
9	www.youtube.com	gua.media www.youtube.com
6	cdn-gl.imrworldwide.com	secure-us.imrworldwide.com cdn-gl.imrworldwide.com
5	nypost.com	gua.media
4	m104216-ucdn.mp.lura.live
4	imasdk.googleapis.com	w3.mp.lura.live imasdk.googleapis.com
4	tkx.mp.lura.live	w3.mp.lura.live
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	cdn.statically.io	gua.media
2	secure-dcr.imrworldwide.com
2	segment.psg.nexstardigital.net	w3.mp.lura.live
2	s0.2mdn.net	imasdk.googleapis.com
2	www.google-analytics.com	w3.mp.lura.live
2	secure-us.imrworldwide.com	w3.mp.lura.live
2	dcs-vod.mp.lura.live	w3.mp.lura.live
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	platform.twitter.com	gua.media platform.twitter.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	access.mp.lura.live	w3.mp.lura.live
1	plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com
1	aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com
1	syndication.twitter.com	platform.twitter.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	www.youtube.com
1	images.chinatimes.com	gua.media
1	i.dailymail.co.uk	gua.media
1	pbs.twimg.com	gua.media
1	gua-prod.s3-us-west-1.amazonaws.com	gua.media
149	37

This site contains links to these domains. Also see Links.

Domain
nypost.com
pbs.twimg.com

Subject Issuer	Validity	Valid
*.gua.media Amazon	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
nypost.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-17` - `2022-06-18`	a year	crt.sh
*.dailymail.co.uk DigiCert SHA2 Secure Server CA	`2021-02-16` - `2022-02-22`	a year	crt.sh
*.chinatimes.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-11-09`	a year	crt.sh
*.mp.lura.live Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
segment.psg.nexstardigital.net R3	`2021-10-13` - `2022-01-11`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Frame ID: B8DF754F9F8F7D07BE79CC60C4F6A506
Requests: 60 HTTP requests in this frame

Frame: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
Frame ID: E3D6F0FC28493932F0D59FCB814231F1
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/78HGjCX5L7o?start=
Frame ID: A8A736F20B63C75F1172D27E3975B2D3
Requests: 18 HTTP requests in this frame

Frame: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
Frame ID: B1A78D0FC8654965594893E04C303C1F
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 23E41175DEF58314D3F7DEA1F44F85AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5480543469340128&output=html&adk=1812271804&adf=3025194257&lmt=1639033638&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgua.media%2Ftopic%2F44058%2F%25E8%258A%259D%25E5%258A%25A0%25E5%2593%25A5%25E4%25B8%2580%25E4%25B8%25AA%25E6%259C%2588%25E5%2586%2585%25E7%25AC%25AC%25E4%25B8%2589%25E4%25B8%25AA%25E4%25BA%259A%25E8%25A3%2594%25E6%2597%25A0%25E7%25AB%25AF%25E8%25A2%25AB%25E9%259D%259E%25E8%25A3%2594%25E6%259E%25AA%25E6%259D%2580-%25E6%258A%2595%25E7%25A5%25A8%25E7%25BB%2599%25E6%25B0%2591%25E4%25B8%25BB%25E5%2585%259A%25E7%259A%2584%25E4%25BA%259A%25E8%25A3%2594%25E4%25BD%25A0%25E4%25BB%25AC%25E4%25BB%2580%25E4%25B9%2588%25E6%2597%25B6%25E5%2580%2599%25E8%2583%25BD%25E9%2586%2592-%25E8%25A7%2586%25E9%25A2%2591%2F1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639033637824&bpp=3&bdt=838&idt=319&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6381210489534&frm=20&pv=2&ga_vid=1680590789.1639033638&ga_sid=1639033638&ga_hid=1069587479&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C31063858&oid=2&pvsid=4394669239311329&pem=35&tmod=17&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: 357041AA45CAA89F03AF2E1B5A77F4A4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgua.media
Frame ID: 446064A459E82ADE552EBC35427226A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30BB2FC2973800CA8FA696144F8C2A56
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11B3F03F0A5998DCDC919CB8FB87BFCA
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: 99346D3AC32D595942B69ACFA07E02DE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: F7B7468979C4595DB3D5BA2866211CCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4952D934946F6475279024771CFCA3D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 98715BC03B230A89693B7C3BBB5D8BC2
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: BDA91191BA04167787010AE60BB9B2A6
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: CA11D03E1439C712A5049BA9ACC51A99
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

芝加哥一个月内第三个亚裔无端被非裔枪杀，投票给民主党的亚裔你们什么时候能醒？（视频） | 瓜媒体

Page URL History Show full URLs

https://gua.media/post/44079 HTTP 307
https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%... Page URL

Page Statistics

149
Requests

99 %
HTTPS

57 %
IPv6

23
Domains

37
Subdomains

36
IPs

3
Countries

8916 kB
Transfer

16534 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-5.jpg?quality=90&strip=all&w=1535

Search URL Search Domain Scan URL

URL: https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-6.jpg?quality=90&strip=all&w=1535

Search URL Search Domain Scan URL

URL: https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-7.jpg?quality=90&strip=all&w=1535

Search URL Search Domain Scan URL

URL: https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-3.jpg?quality=90&strip=all&w=1535

Search URL Search Domain Scan URL

URL: https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-4.jpg?quality=90&strip=all&w=1535

Search URL Search Domain Scan URL

URL: https://pbs.twimg.com/media/FGJVEKEXIAALmMb?format=png&name=900x900

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gua.media/post/44079 HTTP 307
https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

149 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 1 Show response
gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6...
Redirect Chain

https://gua.media/post/44079
https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9...

103 KB
25 KB

163ms
162ms

Document
text/html

54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

621f42947cbe40ddf093ba3c85daa9568ddd252ec869de0edf2a7da6eaec0633

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 09 Dec 2021 07:07:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
X-Powered-By: NodeBB
Content-Security-Policy: frame-ancestors 'self'
ETag: W/"19d2e-36Cr5f8VkiDqzdggEezdtij7rRY"
Content-Encoding: gzip

Redirect headers

Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 09 Dec 2021 07:07:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 775
Connection: keep-alive
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
X-Powered-By: NodeBB
Content-Security-Policy: frame-ancestors 'self'
Location: /topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Vary: Accept

GET
H/1.1 200
OK client.css
gua.media/assets/ 306 KB
306 KB 283ms
153ms Stylesheet
text/css 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/client.css?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

af6b3f22fae3347e028af16caac5507109ea1161238d193467de1065060b2330

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 313193
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4c769-17c91f130a5"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK styles.css
gua.media/plugins/nodebb-plugin-emoji/emoji/ 185 B
814 B 457ms
158ms Stylesheet
text/css 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/plugins/nodebb-plugin-emoji/emoji/styles.css?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

405492bee11d5fd04c09e97924ce4af28642396f1daaa53fc223e7075782f507

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 185
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b9-17c91f194a8"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK railscasts.css
gua.media/plugins/nodebb-plugin-markdowng/styles/ 1 KB
2 KB 454ms
154ms Stylesheet
text/css 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/plugins/nodebb-plugin-markdowng/styles/railscasts.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

661845fee6d5d628f8b4cfadcee2ccad7df9bdcdb1283ea4053ed26d975de231

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1211
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Feb 2019 04:27:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4bb-168a74fa428"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 140ms
56ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5480543469340128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d78afd4305735be6e1642d72b3610e3a1c139d82c25d21b10e47a4a983747a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gua.media/
Origin: https://gua.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51917
x-xss-protection: 0
server: cafe
etag: 3126229701049307564
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:07:17 GMT

GET
H/1.1 200
OK 4b9496be-e419-4ca0-b193-136462d14fc2.png
gua-prod.s3-us-west-1.amazonaws.com/ 15 KB
16 KB 667ms
166ms Image
image/png 52.219.116.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gua-prod.s3-us-west-1.amazonaws.com/4b9496be-e419-4ca0-b193-136462d14fc2.png?v=7a27b8mbqpc
Requested by: Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.249 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49f17b1dafa7f3a405c28c72763db72fdfb32fdd2a90147872f148bf0d9e1a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:19 GMT
Last-Modified: Wed, 18 Nov 2020 05:18:18 GMT
Server: AmazonS3
x-amz-request-id: 8TNXCAXGWTGJ1M3B
ETag: "a3c2456d3e09e6d5875ab5213f34010a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15798
x-amz-id-2: zjyC7aYzCAyyeomB2eqKg4FMWcYD433AUIaGy/la+m1KaQqZlpdmGWdiZCot5oIprbCkIQFUAQc=

GET
H/1.1 200
OK logo.png
gua.media/assets/images/ 111 KB
112 KB 154ms
153ms Image
image/png 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gua.media/assets/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

c6866b9b91268d38d8d2d7c43720bef4afccf5a61cf9c341ade90b99c9bf1f83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 113749
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:46:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1bc55-17c91efd28e"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: image/png
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK banner-01.jpg
gua.media/assets/images/site/ 98 KB
98 KB 155ms
153ms Image
image/jpeg 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gua.media/assets/images/site/banner-01.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

531ef81b8374ae49d87401c9deff0f1f091b18a8e9c526cc37660f4efd466c8c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 99842
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:46:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"18602-17c91efd292"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: image/jpeg
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK composer.js
gua.media/assets/src/modules/ 0
14 KB 187ms
155ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 13335
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"3417-17c91f108d5"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK uploads.js
gua.media/assets/src/modules/composer/ 0
7 KB 310ms
152ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/uploads.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6187
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"182b-17c91f10849"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK drafts.js
gua.media/assets/src/modules/composer/ 0
5 KB 265ms
155ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/drafts.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 4200
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1068-17c91f10849"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK tags.js
gua.media/assets/src/modules/composer/ 0
4 KB 300ms
153ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/tags.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 3680
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"e60-17c91f10819"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK categoryList.js
gua.media/assets/src/modules/composer/ 0
2 KB 153ms
152ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/categoryList.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1900
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"76c-17c91f10805"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK resize.js
gua.media/assets/src/modules/composer/ 0
3 KB 153ms
152ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/resize.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2500
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"9c4-17c91f10819"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK autocomplete.js
gua.media/assets/src/modules/composer/ 0
2 KB 153ms
153ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/autocomplete.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1462
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5b6-17c91f10835"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK composer.tpl
gua.media/assets/templates/ 0
8 KB 153ms
152ms Other
application/vnd.groove-tool-template 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/templates/composer.tpl?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 7396
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1ce4-17c91f13c5d"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/vnd.groove-tool-template
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK topic.json
gua.media/assets/language/zh-CN/ 0
8 KB 151ms
151ms Other
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/topic.json?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 7108
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1bc4-17c91f14df1"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK modules.json
gua.media/assets/language/zh-CN/ 0
4 KB 152ms
152ms Other
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/modules.json?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 3266
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"cc2-17c91f14dd9"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK tags.json
gua.media/assets/language/zh-CN/ 0
882 B 159ms
158ms Other
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/tags.json?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 245
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"f5-17c91f14de5"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK railscasts.css
gua.media/plugins/nodebb-plugin-markdowng/styles/ 0
2 KB 152ms
152ms Other
text/css 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/plugins/nodebb-plugin-markdowng/styles/railscasts.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1211
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 01 Feb 2019 04:27:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"4bb-168a74fa428"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK highlight.js
gua.media/assets/src/modules/ 0
46 KB 153ms
153ms Other
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/highlight.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 46059
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b3eb-17c91f1098d"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK markdown.json
gua.media/assets/language/zh-CN/ 0
977 B 151ms
151ms Other
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/markdown.json?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 339
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"153-17c91f14ec1"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H2 200 woom-sing-tse-5.jpg
nypost.com/wp-content/uploads/sites/2/2021/12/ 409 KB
410 KB 31ms
6ms Image
image/webp 192.0.66.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-5.jpg?quality=90&strip=all&w=1535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

95a7e3847852009bd0e96d6ea636693bd0c2707cd78594d5f59f3fc7b0602d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-rq: hhn1 109 32 443
last-modified: Wed, 08 Dec 2021 23:34:14 GMT
server: nginx
etag: "9bbe612be0610b76"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 419270
expires: Thu, 08 Dec 2022 23:34:14 GMT

GET
H2 200 woom-sing-tse-6.jpg
nypost.com/wp-content/uploads/sites/2/2021/12/ 296 KB
297 KB 31ms
7ms Image
image/webp 192.0.66.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-6.jpg?quality=90&strip=all&w=1535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

71a192c3d5781040e9ecf3746c304715eefb61b65285533c4655e4b8a69413c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-rq: hhn1 109 86 443
last-modified: Wed, 08 Dec 2021 23:35:12 GMT
server: nginx
etag: "8feb75751bed1bb0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 303492
expires: Thu, 08 Dec 2022 23:35:12 GMT

GET
H2 200 woom-sing-tse-7.jpg
nypost.com/wp-content/uploads/sites/2/2021/12/ 199 KB
200 KB 31ms
7ms Image
image/webp 192.0.66.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-7.jpg?quality=90&strip=all&w=1535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ff986ae6228fde43d5b830dab0d57c0da53cfee27f9acb6c23f990d97666eaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-rq: hhn1 109 83 443
last-modified: Wed, 08 Dec 2021 23:35:21 GMT
server: nginx
etag: "c4786b560478ed80"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 204262
expires: Thu, 08 Dec 2022 23:35:21 GMT

GET
H2 200 woom-sing-tse-3.jpg
nypost.com/wp-content/uploads/sites/2/2021/12/ 167 KB
167 KB 31ms
7ms Image
image/webp 192.0.66.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-3.jpg?quality=90&strip=all&w=1535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

01e7b173cb551eceea8f468509e0783ec619b0a44854233783803aff4555f78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-rq: hhn1 109 32 443
last-modified: Wed, 08 Dec 2021 23:35:30 GMT
server: nginx
etag: "954f2f163e14ca4a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 170954
expires: Thu, 08 Dec 2022 23:35:30 GMT

GET
H2 200 woom-sing-tse-4.jpg
nypost.com/wp-content/uploads/sites/2/2021/12/ 122 KB
123 KB 31ms
7ms Image
image/webp 192.0.66.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nypost.com/wp-content/uploads/sites/2/2021/12/woom-sing-tse-4.jpg?quality=90&strip=all&w=1535

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0303574f83ef71ce9e48310cd90d0249289ca8ae99979a18fed695794fd3d878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-rq: hhn1 109 27 443
last-modified: Wed, 08 Dec 2021 23:35:35 GMT
server: nginx
etag: "7064591f08e93a20"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 125272
expires: Thu, 08 Dec 2022 23:35:35 GMT

GET
H2 200 FGJVEKEXIAALmMb
pbs.twimg.com/media/ 381 KB
381 KB 276ms
253ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FGJVEKEXIAALmMb?format=png&name=900x900

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

cb520c6b3bba20f40bb4e1a1a65dd718e510b8663fffb3b601f47e05097745a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-content-type-options: nosniff
age: 0
x-cache: MISS
content-length: 389992
x-response-time: 228
surrogate-key: media media/bucket/5 media/1468829958386688000
last-modified: Thu, 09 Dec 2021 06:26:46 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4aa0959f4d654d1f296aa8d7b0c94ce5dbe0477f4ffc3cc4d3cfeb569fef17b3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 siblings.jpg
cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/05/ 29 KB
29 KB 959ms
930ms Image
image/webp 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/05/siblings.jpg?quality=80&f=auto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

35eb98c0cb2c385a7e0dfeb5ba61367824c9786fa28f5bc85c39ecdf3c136ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
server: statically
etag: "stly2j2TFKERb1FS0PRCAzU9QA:129dd-60900c8c-11c04aa1;;;"
vary: Accept
x-cache: MISS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
link: <https://nextshark.com/wp-content/uploads/2021/05/siblings.jpg>; rel="canonical"
content-length: 29438
x-served-by: cache-hhn4041-HHN

GET
H2 200 vogue-800x425.jpg
cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/03/ 42 KB
42 KB 974ms
947ms Image
image/webp 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/03/vogue-800x425.jpg?quality=80&f=auto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

28ac362de7e7d05ab9688831b582ba5f4d801a593450d8af7f2fbd9647292e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
server: statically
etag: "stlyKNCzb3TnAlvzF0Umjr5svg:1050c-60469d00-1a8d33a7;;;"
vary: Accept
x-cache: MISS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
link: <https://nextshark.com/wp-content/uploads/2021/03/vogue-800x425.jpg>; rel="canonical"
content-length: 42836
x-served-by: cache-hhn4041-HHN

GET
H2 200 51047287-10249773-image-m-83_1638051504372.jpg
i.dailymail.co.uk/1s/2021/11/27/22/ 42 KB
42 KB 40ms
16ms Image
image/avif 2a02:26f0:6c00:2b4::16c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dailymail.co.uk/1s/2021/11/27/22/51047287-10249773-image-m-83_1638051504372.jpg
Requested by: Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b4::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0489810074dc3a37552700794bbd809b6022054d70f1b11b8b7be375fa4ad2f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 7C6sjX8G_c_gTLU35Llg8ahPtBz06fKh
last-modified: Sat, 27 Nov 2021 22:19:08 GMT
server: AmazonS3
x-amz-request-id: 8WX1H5CJ14HRQCQM
etag: "a1dc27480089ba09df5089bfc7c87466"
x-mol-img: avif
content-type: image/avif
cache-control: max-age=2592000
date: Thu, 09 Dec 2021 07:07:17 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
timing-allow-origin: *
content-length: 42689
x-amz-id-2: wYw5r8fh9RCoPnTkCQK5t4gCF0tDCwQ0qWmVZ837RkQLlDh9tB29YSgiQDipbImJ8J+JQU26Qbs=
expires: Sat, 08 Jan 2022 07:07:17 GMT

GET
H2 200 pjimage.jpg
cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/05/ 54 KB
54 KB 1072ms
1055ms Image
image/webp 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/nextshark.com/wp-content/uploads/2021/05/pjimage.jpg?quality=80&f=auto

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

ca43b4701546d04698c5eb3d6cba173b76cceb3d82a0fe1e559203cf8c26faec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
server: statically
etag: "stlyR1m9e_9qEz7XCJXCyVwPiw:1b1f9-60902825-11a01d0e;;;"
vary: Accept
x-cache: MISS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
link: <https://nextshark.com/wp-content/uploads/2021/05/pjimage.jpg>; rel="canonical"
content-length: 54818
x-served-by: cache-hhn4041-HHN

GET
H2 200 20210505005021.jpg
images.chinatimes.com/newsphoto/2021-05-05/1024/ 122 KB
122 KB 887ms
846ms Image
image/jpeg 35.244.137.27
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.chinatimes.com/newsphoto/2021-05-05/1024/20210505005021.jpg
Requested by: Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.137.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.137.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 710fb367861d9e2aa054a52327c5c7f939f9c4d88f0afb5e96fac1d28595f8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
x-goog-meta-goog-reserved-file-mtime: 1620208425
x-guploader-uploadid: ADPycdvtXxHAbRwoHAv8kSG9uwl99do3LoenipyRSopN9QBj8GYOG0VNowCYUV5BPJv9Ic2T6cngWCJSVcJOKrMy60Qm2M3USw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124546
last-modified: Wed, 05 May 2021 09:53:45 GMT
server: UploadServer
etag: "f085408090e11f279ae3084f7788e34c"
x-goog-hash: crc32c=fNvldg==, md5=8IVAgJDhHyea4whPd4jjTA==
x-goog-generation: 1620208425349262
cache-control: public, max-age=31536000
x-goog-stored-content-length: 124546
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 09 Dec 2022 07:07:17 GMT

GET
H/1.1 200
OK nodebb.min.js Show response
gua.media/assets/ 472 KB
473 KB 153ms
152ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

f424ba5f7f1c2cd46aaf884a93b700e817418b088c780a3579ccdf4f4f0b40d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 483375
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"7602f-17c91f11ca9"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK anvload.html Show response
w3.mp.lura.live/player/prod/v3/ Frame E3D6 562 B
1 KB 94ms
16ms Document
text/html 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
Requested by: Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: fe8998c04cc2bb65792b2b05c200358f8f07efcd0c3678d407cfacd2d94f3356

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 292
Content-Type: text/html
Last-Modified: Fri, 03 Dec 2021 13:31:55 GMT
Accept-Ranges: bytes
X-GUploader-UploadID: ADPycdsC9jPMkO18r05tiwiufKjoPrmW3Du6v9ehglV9TNkCNbkwR1HNDMfBYmbHBVTGx0nE4a3iC-CewFI-S--xEFPuiS93sQ
Cache-Control: private
ETag: "0ae322c42159377cbe89c7b3d2e81eae"
x-goog-generation: 1638538315286379
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 292
x-goog-hash: crc32c=dZSF3Q== md5=CuMixCFZN3y+icez0ugerg==
x-goog-storage-class: STANDARD
Server: UploadServer
X-HW: 1639033637.dop203.am5.t,1639033637.cds287.am5.shn,1639033637.dop203.am5.t,1639033637.cds292.am5.c
Access-Control-Allow-Origin: *

GET
H2 200 78HGjCX5L7o Show response
www.youtube.com/embed/ Frame A8A7 59 KB
25 KB 166ms
81ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/78HGjCX5L7o?start=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3450903915ec1f9c1e658da95d93b040e35fb62de2843615b44fd446f494448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 07:07:17 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK anvload.html Show response
w3.mp.lura.live/player/prod/v3/ Frame B1A7 562 B
1 KB 94ms
17ms Document
text/html 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
Requested by: Host: gua.media
URL: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: fe8998c04cc2bb65792b2b05c200358f8f07efcd0c3678d407cfacd2d94f3356

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 292
Content-Type: text/html
Last-Modified: Fri, 03 Dec 2021 13:31:55 GMT
Accept-Ranges: bytes
X-GUploader-UploadID: ADPycdsC9jPMkO18r05tiwiufKjoPrmW3Du6v9ehglV9TNkCNbkwR1HNDMfBYmbHBVTGx0nE4a3iC-CewFI-S--xEFPuiS93sQ
Cache-Control: private
ETag: "0ae322c42159377cbe89c7b3d2e81eae"
x-goog-generation: 1638538315286379
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 292
x-goog-hash: crc32c=dZSF3Q== md5=CuMixCFZN3y+icez0ugerg==
x-goog-storage-class: STANDARD
Server: UploadServer
X-HW: 1639033637.dop113.am5.t,1639033637.cds291.am5.shn,1639033637.dop113.am5.t,1639033637.cds292.am5.c
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK fontawesome-webfont.woff2
gua.media/assets/vendor/fontawesome/fonts/ 75 KB
76 KB 152ms
152ms Font
font/woff2 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/vendor/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: gua.media
URL: https://gua.media/assets/client.css?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gua.media/assets/client.css?v=7a27b8mbqpc
Origin: https://gua.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:17 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 77160
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:46:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"12d68-17c91efd362"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: font/woff2
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 273 KB
99 KB 115ms
69ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5480543469340128&plah=gua.media

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5480543469340128

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf7a5e247670e38e5261135aa0a8e52c8468f57de804078c4316310b742da9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100878
x-xss-protection: 0
server: cafe
etag: 252822964632545808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:07:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 23E4 11 KB
5 KB 142ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5480543469340128

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 08 Dec 2021 18:37:20 GMT
expires: Wed, 22 Dec 2021 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 44997
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK anvplayer.min.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/scripts/ Frame E3D6 2 MB
650 KB 17ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: af39b4d8dfd27cbd91c943dc79268f6fa625840e57f093c5f24b774bfc601d9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=ucyR1g==, md5=EkA4UUfj9WE9wOFXtf1MTg==
Date: Thu, 09 Dec 2021 07:07:17 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsg-3WEtOQDIE-TbXHKQbWfhpmPfL4J9QkahQcAexV5ZC8s425nCTf5ePIolTli3XyJZ5Bw00PhBj7242mK1uuUYMnsHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 664272
Last-Modified: Fri, 03 Dec 2021 13:31:53 GMT
Server: UploadServer
ETag: "1240385147e3f5613dc0e157b5fd4c4e"
X-HW: 1639033637.dop113.am5.t,1639033637.cds291.am5.shn,1639033637.dop113.am5.t,1639033637.cds291.am5.c
x-goog-generation: 1638538313320695
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 664272
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK anvhtml5.css
w3.mp.lura.live/player/prod/v3/ Frame E3D6 47 KB
10 KB 16ms
16ms Stylesheet
text/css 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvhtml5.css
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 859986c6ca2bee4f39918f17a31763de8819fbd59dd75014a30631b0683e5b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=xFMWCQ==, md5=580C+km+tggSDMDwiM59GQ==
Date: Thu, 09 Dec 2021 07:07:17 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycduOasBZy-k8SJlnaBxzR6lFEmAf7Ty78FT1JrxRgjDpmzli-Dx-rwic-YE06EP17Xbp1TfCvgv-BkbanrtDOI15C8iJZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 9164
Last-Modified: Fri, 03 Dec 2021 13:31:54 GMT
Server: UploadServer
ETag: "e7cd02fa49beb608120cc0f088ce7d19"
X-HW: 1639033637.dop203.am5.t,1639033637.cds287.am5.shn,1639033637.dop203.am5.t,1639033637.cds010.am5.c
x-goog-generation: 1638538314985389
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 9164
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK anvplayer.min.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/scripts/ Frame B1A7 2 MB
649 KB 43ms
15ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: af39b4d8dfd27cbd91c943dc79268f6fa625840e57f093c5f24b774bfc601d9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=ucyR1g==, md5=EkA4UUfj9WE9wOFXtf1MTg==
Date: Thu, 09 Dec 2021 07:07:17 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsg-3WEtOQDIE-TbXHKQbWfhpmPfL4J9QkahQcAexV5ZC8s425nCTf5ePIolTli3XyJZ5Bw00PhBj7242mK1uuUYMnsHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 664272
Last-Modified: Fri, 03 Dec 2021 13:31:53 GMT
Server: UploadServer
ETag: "1240385147e3f5613dc0e157b5fd4c4e"
X-HW: 1639033637.dop224.am5.shc,1639033637.dop224.am5.t,1639033637.cds291.am5.c
x-goog-generation: 1638538313320695
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 664272
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK anvhtml5.css
w3.mp.lura.live/player/prod/v3/ Frame B1A7 47 KB
10 KB 33ms
15ms Stylesheet
text/css 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/anvhtml5.css
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 859986c6ca2bee4f39918f17a31763de8819fbd59dd75014a30631b0683e5b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=xFMWCQ==, md5=580C+km+tggSDMDwiM59GQ==
Date: Thu, 09 Dec 2021 07:07:17 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycduOasBZy-k8SJlnaBxzR6lFEmAf7Ty78FT1JrxRgjDpmzli-Dx-rwic-YE06EP17Xbp1TfCvgv-BkbanrtDOI15C8iJZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 9164
Last-Modified: Fri, 03 Dec 2021 13:31:54 GMT
Server: UploadServer
ETag: "e7cd02fa49beb608120cc0f088ce7d19"
X-HW: 1639033637.dop203.am5.t,1639033637.cds287.am5.shn,1639033637.dop203.am5.t,1639033637.cds010.am5.c
x-goog-generation: 1638538314985389
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 9164
Accept-Ranges: bytes
Content-Type: text/css

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/46ac5f60/ Frame A8A7 336 KB
46 KB 38ms
38ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47257
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:36:24 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/ Frame A8A7 219 KB
72 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73167
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:36:24 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame A8A7 2 MB
526 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 538358
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:36:24 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/ Frame A8A7 8 KB
3 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:36:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A8A7 15 KB
16 KB 136ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 157752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H2 200 vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl Show response
access.mp.lura.live/anvacks/ Frame E3D6 889 B
929 B 359ms
116ms XHR
application/json 35.224.142.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://access.mp.lura.live/anvacks/vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.224.142.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.142.224.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e1ca3842b78cf3a51bc590016a670c93e44be67511f8e26054694510799f50b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://w3.mp.lura.live
date: Thu, 09 Dec 2021 07:07:18 GMT
access-control-allow-credentials: true
server: istio-envoy
x-envoy-upstream-service-time: 2
content-length: 889
content-type: application/json

GET
H2 200 vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl Show response
access.mp.lura.live/anvacks/ Frame B1A7 889 B
1 KB 264ms
116ms XHR
application/json 35.224.142.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://access.mp.lura.live/anvacks/vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl?apikey=3hwbSuqqT690uxjNYBktSQpa5ZrpYYR0Iofx7NcJHyA
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.224.142.165 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.142.224.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e1ca3842b78cf3a51bc590016a670c93e44be67511f8e26054694510799f50b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://w3.mp.lura.live
date: Thu, 09 Dec 2021 07:07:18 GMT
access-control-allow-credentials: true
server: istio-envoy
x-envoy-upstream-service-time: 2
content-length: 889
content-type: application/json

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
641 B 137ms
47ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gua.media&callback=_gfp_s_&client=ca-pub-5480543469340128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5480543469340128&plah=gua.media

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

9bd1fe68687d635e94599589c8e439ee98cd24bc890dc4494ad70134eb63172b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
48ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gua.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 140ms
52ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gua.media

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgua.media%2Ftopic%2F44058%2F%25E8%258A%259D%25E5%258A%25A0%25E5%2593%25A5%25E4%25B8%2580%25E4%25B8%25AA%25E6%259C%2588%25E5%2586%2585%25E7%25AC%25AC%25E4%25B8%2589%25E4%25B8%25AA%25E4%25BA%259A%25E8%25A3%2594%25E6%2597%25A0%25E7%25AB%25AF%25E8%25A2%25AB%25E9%259D%259E%25E8%25A3%2594%25E6%259E%25AA%25E6%259D%2580-%25E6%258A%2595%25E7%25A5%25A8%25E7%25BB%2599%25E6%25B0%2591%25E4%25B8%25BB%25E5%2585%259A%25E7%259A%2584%25E4%25BA%259A%25E8%25A3%2594%25E4%25BD%25A0%25E4%25BB%25AC%25E4%25BB%2580%25E4%25B9%2588%25E6%2597%25B6%25E5%2580%2599%25E8%2583%25BD%25E9%2586%2592-%25E8%25A7%2586%25E9%25A2%2591%2F1&tn=NAV&id=header-menu&cls=navbar%20navbar-default%20navbar-fixed-top%20header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3570 25 KB
6 KB 190ms
142ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5480543469340128&output=html&adk=1812271804&adf=3025194257&lmt=1639033638&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgua.media%2Ftopic%2F44058%2F%25E8%258A%259D%25E5%258A%25A0%25E5%2593%25A5%25E4%25B8%2580%25E4%25B8%25AA%25E6%259C%2588%25E5%2586%2585%25E7%25AC%25AC%25E4%25B8%2589%25E4%25B8%25AA%25E4%25BA%259A%25E8%25A3%2594%25E6%2597%25A0%25E7%25AB%25AF%25E8%25A2%25AB%25E9%259D%259E%25E8%25A3%2594%25E6%259E%25AA%25E6%259D%2580-%25E6%258A%2595%25E7%25A5%25A8%25E7%25BB%2599%25E6%25B0%2591%25E4%25B8%25BB%25E5%2585%259A%25E7%259A%2584%25E4%25BA%259A%25E8%25A3%2594%25E4%25BD%25A0%25E4%25BB%25AC%25E4%25BB%2580%25E4%25B9%2588%25E6%2597%25B6%25E5%2580%2599%25E8%2583%25BD%25E9%2586%2592-%25E8%25A7%2586%25E9%25A2%2591%2F1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639033637824&bpp=3&bdt=838&idt=319&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6381210489534&frm=20&pv=2&ga_vid=1680590789.1639033638&ga_sid=1639033638&ga_hid=1069587479&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C31063858&oid=2&pvsid=4394669239311329&pem=35&tmod=17&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c240e50cc2336dd065d8cc675d4f3d44b03e22064a650a1ade27b55f782d0834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Dec 2021 07:07:18 GMT
server: cafe
content-length: 5931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 07:07:18 GMT
cache-control: private

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A8A7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

45ms
45ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0618e494e2482b4221278ae3af987f7c2d42ba6bc326801b735d2b21baa9cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A8A7 29 B
588 B 122ms
37ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:57:25 GMT
x-content-type-options: nosniff
age: 593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Dec 2021 07:12:25 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame A8A7 94 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29831
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:44:25 GMT

GET
H2 200 rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js Show response
www.google.com/js/th/ Frame A8A7 35 KB
14 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 06:08:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13412
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 06:08:16 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/ Frame A8A7 24 KB
7 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7357
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 17:33:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 07 Dec 2022 19:36:26 GMT

GET
DATA 200
OK truncated
/ Frame A8A7 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQY-8lbu_DpWWafrJq5rHR26GwTxW-BjGe7y-4xWA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A8A7 2 KB
3 KB 125ms
37ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQY-8lbu_DpWWafrJq5rHR26GwTxW-BjGe7y-4xWA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

35760a0360e76544a9cfd3ba5390b3480d602c710c1b92f5c23e4bab9815124d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 05:39:18 GMT
x-content-type-options: nosniff
age: 5280
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2202
x-xss-protection: 0
server: fife
etag: "v1861"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 17 Nov 2021 17:15:10 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/78HGjCX5L7o/ Frame A8A7 24 KB
25 KB 133ms
47ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/78HGjCX5L7o/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcfd69627d561d95783543e41c60ce8e0ab36ff46aaf432f539b82daa799c405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24836
x-xss-protection: 0
server: sffe
etag: "1638919412"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Dec 2021 07:12:18 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A8A7 4 KB
3 KB 137ms
54ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 07:07:18 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A8A7 0
9 B 39ms
37ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?BfjgoQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/78HGjCX5L7o?start=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 server_time Show response
tkx.mp.lura.live/rest/v2/ Frame B1A7 28 B
89 B 369ms
128ms XHR
application/json 35.209.67.224
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/server_time?anvack=vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl&anvtrid=w9f486f9700d1d0ab6bbd471d340b9f20
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 8d00a1a5a620b646f82f0ff47ee01b034878067a31e963ec5d8c1dddea341bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
via: 1.1 google
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 3
alt-svc: clear

GET
H2 200 server_time Show response
tkx.mp.lura.live/rest/v2/ Frame E3D6 28 B
216 B 368ms
127ms XHR
application/json 35.209.67.224
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/server_time?anvack=vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl&anvtrid=w9f486f977ddb72b0bfb36b40575a0ce8
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 8d00a1a5a620b646f82f0ff47ee01b034878067a31e963ec5d8c1dddea341bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
via: 1.1 google
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 3
alt-svc: clear

GET
H/1.1 200
OK / Show response
gua.media/socket.io/ 99 B
303 B 152ms
152ms XHR
text/plain 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gua.media/socket.io/?EIO=3&transport=polling&t=NsU18vR
Requested by: Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-229-83.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 91d1617e85be431120f060aa741577f5660b69603adb8f5dd830892284d5626b

Request headers

Accept: */*
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Dec 2021 07:07:18 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 99
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK modules.json Show response
gua.media/assets/language/zh-CN/ 3 KB
4 KB 152ms
152ms XHR
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/modules.json?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

c536444c5b5dad1ab57e9554beb77255bd5f9ecb6ed0359f4b80d9a89ce90b54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 3266
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"cc2-17c91f14dd9"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame A8A7 52 KB
15 KB 84ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 16:37:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 09 Dec 2021 16:37:00 GMT

GET
H/1.1 200
OK error.json Show response
gua.media/assets/language/zh-CN/ 11 KB
11 KB 151ms
151ms XHR
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/error.json?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

2102c5b2944e0c392947ce586022eb776295d121f851e8327144deeb4ee56747

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 11012
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"2b04-17c91f14dc5"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
6ms Script
application/javascript 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/6752)
Age: 171
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H/1.1 200
OK api.js Show response
gua.media/assets/src/modules/ 1 KB
2 KB 152ms
152ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/api.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

f725b1589eaf6b1f9cb3c0587ce4dd1b743bd95cfdb68e6443d543bfc3000a20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1046
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"416-17c91f10f35"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK drafts.js Show response
gua.media/assets/src/modules/composer/ 4 KB
5 KB 270ms
152ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/composer/drafts.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e718807e587606f521d1894b29c1643cc25743c5630ef7cb1eab7992989d7b50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 4200
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"1068-17c91f10849"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 4460 319 KB
103 KB 7ms
7ms Document
text/html 192.229.233.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgua.media
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.25 Playa Vista, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 211810
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Dec 2021 07:07:18 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6739)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4460 232 B
448 B 140ms
119ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3e5337882800ed68d3a858927d08f2304696745f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgua.media

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 112
date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 07:07:18 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: d192cbd3c78f327a8fe585e7c62b0e4843a0157643cd7551f40f73f4e3803c23
content-length: 166

GET
H/1.1 200
OK / Show response
gua.media/socket.io/ 66 B
270 B 154ms
150ms XHR
text/plain 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gua.media/socket.io/?EIO=3&transport=polling&t=NsU18xt&sid=iHu1quGfTRj6ffFTBsIH
Requested by: Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-229-83.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 030f6f4c06a41fc7fb90257c3eae35b043299b876b7a2aba987939d8e5a60088

Request headers

Accept: */*
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Dec 2021 07:07:18 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 66
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK language.json Show response
gua.media/assets/language/zh-CN/ 50 B
686 B 154ms
154ms XHR
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/language.json?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

e86ab4fac9accc234ae70623db5262c0fecb8353f8e0135018139d6cbafbdd8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 50
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"32-17c91f14dd9"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK taskbar.js Show response
gua.media/assets/templates/modules/ 561 B
1 KB 151ms
151ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/templates/modules/taskbar.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

85c731335cb155ce9586c42b54bb17da38a48492902481c252447970064d9667

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 561
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"231-17c91f13c85"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.timeago.zh-CN.js Show response
gua.media/assets/src/modules/timeago/locales/ 583 B
1 KB 151ms
151ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/timeago/locales/jquery.timeago.zh-CN.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

0e7659842e66f19e04ca8bc0529c7b0708f7cffbe40f956e459ffb0ba5c41003

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 583
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"247-17c91f10849"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK / Show response
gua.media/socket.io/ 3 B
206 B 546ms
546ms XHR
text/plain 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gua.media/socket.io/?EIO=3&transport=polling&t=NsU18-K&sid=iHu1quGfTRj6ffFTBsIH
Requested by: Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-229-83.us-west-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Dec 2021 07:07:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 3
Content-Type: text/plain; charset=UTF-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E3D6 375 KB
124 KB 344ms
54ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Thu, 09 Dec 2021 07:07:19 GMT

POST
H2 200 7213822 Show response
tkx.mp.lura.live/rest/v2/mcp/video/ Frame E3D6 14 KB
14 KB 141ms
141ms XHR
application/x-javascript 35.209.67.224
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/mcp/video/7213822?anvack=vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl&anvtrid=w9f486f971ba650244c17a6a6688b676e&rtyp=fp&X-Anvato-Adst-Auth=mTfYJEtbZ7zX3ZuYNqZWB%2B9ZzNwwbrq1wyjRJf6%2BkFeaWJ3TPEoq2cr0tw8Mx73R%2BjGSQ0Ge0O0aT9GS520q5Q%3D%3D
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e0841beb473b9cdb1b46423472c8e0a80abc8ab37814cb0e67c63f15f900651b

Request headers

Referer: https://w3.mp.lura.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
via: 1.1 google
server: istio-envoy
content-type: application/x-javascript
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 20
alt-svc: clear

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B1A7 375 KB
124 KB 381ms
143ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Thu, 09 Dec 2021 07:07:19 GMT

POST
H2 200 7216439 Show response
tkx.mp.lura.live/rest/v2/mcp/video/ Frame B1A7 14 KB
14 KB 142ms
142ms XHR
application/x-javascript 35.209.67.224
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://tkx.mp.lura.live/rest/v2/mcp/video/7216439?anvack=vLroBA9ZBG3JwTvaOlibbtoPb6L4jqJl&anvtrid=w9f486f978e83b31d3ea156e00d51f641&rtyp=fp&X-Anvato-Adst-Auth=CzzwQnArcXY0ze7wWzfUXh1tFcxo0ec%2FD7aVB%2FfUEeVz77%2FpUgJkvy9mLQIVpE95azYxv0a9w6iiClS%2BuV28rQ%3D%3D
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.209.67.224 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 224.67.209.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 5f50c507f91e7780daa5001dccb0fa0369a972e9c3c9bcd4ab89b4d5a574d9ef

Request headers

Referer: https://w3.mp.lura.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
via: 1.1 google
server: istio-envoy
content-type: application/x-javascript
access-control-allow-origin: https://w3.mp.lura.live
access-control-allow-credentials: true
x-onetkx-ver: ~~~~
x-envoy-upstream-service-time: 21
alt-svc: clear

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 99ms
53ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06b1f6c3a1932f34b32c00c00f7e635aeb897e0a045197f47039e44d19e938f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8684
x-xss-protection: 0

GET
H/1.1 200
OK pulling.js Show response
gua.media/assets/src/modules/ 10 KB
10 KB 152ms
152ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/pulling.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

36719929156b29b16afa1c63d3a9b991869fb9a4751f987324894b7245262d1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 9823
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"265f-17c91f108d1"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK global.json Show response
gua.media/assets/language/zh-CN/ 4 KB
4 KB 151ms
151ms XHR
application/json 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/language/zh-CN/global.json?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

de05e57cd7f99c2384cd286f4d885dfa4e18dab3ba02c2b1ad2aa4419bd9d418

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:18 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 3731
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:48:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"e93-17c91f14dc9"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?_=1639033638483

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e649774b3f57606130ff4fb9d164501c7a2353a64104b206caa61fab58b9f98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51938
x-xss-protection: 0
server: cafe
etag: 13186939351681265818
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 07:07:18 GMT

GET
H/1.1 200
OK highlight.js Show response
gua.media/assets/src/modules/ 45 KB
46 KB 153ms
153ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/highlight.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

079d1ce97042bd9131366bfa7fc499577fc1e36fddfd358a586499454e72e8fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:19 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 46059
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"b3eb-17c91f1098d"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK highlightjs-line-numbers.js Show response
gua.media/assets/src/modules/ 2 KB
3 KB 153ms
153ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/src/modules/highlightjs-line-numbers.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

c0ac011e5df6196c4280c3509cd46fd0aa2d5a0c5bcef171580fcaeb21e75a29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:19 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2119
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"847-17c91f10835"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H/1.1 200
OK share.js Show response
gua.media/assets/templates/partials/nodebb-plugin-share-social-gua/ 1 KB
2 KB 153ms
153ms Script
application/javascript 54.241.229.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gua.media/assets/templates/partials/nodebb-plugin-share-social-gua/share.js?v=7a27b8mbqpc

Requested by

Host: gua.media
URL: https://gua.media/assets/nodebb.min.js?v=7a27b8mbqpc

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.241.229.83 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-241-229-83.us-west-1.compute.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) / NodeBB

Resource Hash

db889a3046c1c11fe0ce10d282b64cf8a34d93a792189623ad6bd2baaa1f66ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/topic/44058/%E8%8A%9D%E5%8A%A0%E5%93%A5%E4%B8%80%E4%B8%AA%E6%9C%88%E5%86%85%E7%AC%AC%E4%B8%89%E4%B8%AA%E4%BA%9A%E8%A3%94%E6%97%A0%E7%AB%AF%E8%A2%AB%E9%9D%9E%E8%A3%94%E6%9E%AA%E6%9D%80-%E6%8A%95%E7%A5%A8%E7%BB%99%E6%B0%91%E4%B8%BB%E5%85%9A%E7%9A%84%E4%BA%9A%E8%A3%94%E4%BD%A0%E4%BB%AC%E4%BB%80%E4%B9%88%E6%97%B6%E5%80%99%E8%83%BD%E9%86%92-%E8%A7%86%E9%A2%91/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 07:07:19 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: NodeBB
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1509
X-XSS-Protection: 0
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 18 Oct 2021 05:47:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"5e5-17c91f13cb5"
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=5184000
Content-Security-Policy: frame-ancestors 'self'
Accept-Ranges: bytes

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 09 Dec 2021 07:07:19 GMT

GET
H2 200 master.m3u8 Show response
dcs-vod.mp.lura.live/vod/p/ Frame E3D6 333 B
303 B 153ms
112ms XHR
application/json 35.244.172.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-vod.mp.lura.live/vod/p/master.m3u8?encp=HWyowAdspvzCnlUy8mnkCw:Xz2FevZPrVxSR4u5J6Sh_4Wu_feWsOoNpIh-oopNciYdBuTtO2Sc2KLgJaJvd3oB8DlppDTws3W-lTRCuTNWCVHnkZ-ud1Ifu81olqjIkcrpaiH-kvyoi_x1BkHOWhSMwU5haX9JQSnaI5IDLn7otMI9Yc3uJM25DjJY_BWG_ZqCqjdn-RVa4IV-rkyY8qonN7HRlw6Fyc-TpRKcZ26czqL62KtOPQCuWHUB4mGfP7-qchLjHXtBW7oL1kzWZIF2e8ooOVFgJBIAwz7BfOr5UPJyHw32RiMSwuW2veKV4-lkQ4pcBRK_3GAL4VXGUAG3y1Tk4BIWwkvqj4JsVexsZ7u-DdksUeuj2ZewCa7KujwkP_Z0bCTx7Mz4sg2cFa5BEzDvNYFDT2-ipm8Bmk56HQ&anvtrid=c5bb088cd5cbd8e632bb8359f93aba07&anvauth=tb=0~te=1639033728~sgn=3c588867518f2b7c50915fe9b22b7bd7f39f03fe1cf8e889508b250ed83fd35d&t=1639033638&_vpng=0
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.172.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.172.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66b49367038935213a885e9124e03f6b634babe7b8c7a49de6d87a8ee3388ca9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
content-type: application/json
server: nginx
access-control-allow-origin: https://w3.mp.lura.live
x-anv-ver: ~~
vary: Accept-Encoding
vmap-check-d-tracking: 0
vmap-check-t-tracking: 0
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-anv-auth-status: valid
alt-svc: clear
via: 1.1 google

GET
H2 200 master.m3u8 Show response
dcs-vod.mp.lura.live/vod/p/ Frame B1A7 321 B
487 B 151ms
112ms XHR
application/json 35.244.172.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dcs-vod.mp.lura.live/vod/p/master.m3u8?encp=LrF9rUSLHC6e5tMVoUiJUg:bn1Nx0c7DdOcpvbfRXazL-MvOLDwNDVM51NCq7gBpDOPBYo9owLGthO6-gz5rqHg2VolM2qCD6Wt84nGj4EEJ-I9xyk9yhJSKnpLsI7uoGZ5JzTBsRVHVqDlkv5ji1Ljhns6NBg4-zKq2qINRdgJyx0y9mFUxn6lI1QwrG4xk7dHekKjW43kPuxMvwYt9SrSzhj0Y6z-b2QadkfHmbiNwwNE6BXurqNofAKDlm0SGDgTAuTzOnPbkamPqszcenM-IgpGO_i15q0EbozK4pd59h6dUo8Ydcy_88LD0CRMN6SkgDbBOTOyvzyV5CyJ7bIAq3uP-W-p-WtPyHjqcVB9VFL4niPeh0uNlhuaaTjrgPAntmsG_gDtTtqH5XUEbtgzlwBmMU593b4DTkGEeu6d-A&anvtrid=f47975bea9d2005a55c534a7d4247ed9&anvauth=tb=0~te=1639033728~sgn=3c588867518f2b7c50915fe9b22b7bd7f39f03fe1cf8e889508b250ed83fd35d&t=1639033638&_vpng=0
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.172.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.172.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9be210727903067f32a617f95fe1196d36e7cc74a34fc4bc5d0ada047fc7edee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
content-type: application/json
server: nginx
access-control-allow-origin: https://w3.mp.lura.live
x-anv-ver: ~~
vary: Accept-Encoding
vmap-check-d-tracking: 0
vmap-check-t-tracking: 0
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-anv-auth-status: valid
alt-svc: clear
via: 1.1 google

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30BB 13 KB
5 KB 92ms
38ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 08 Dec 2021 23:25:55 GMT
expires: Thu, 08 Dec 2022 23:25:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11B3 783 B
536 B 102ms
51ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2631d5da88a6264e01949a96289fe01001017c7c9864c0e141a79dbaae0c730b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4gXjFXX9ExNPFZnr/KNj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 09 Dec 2021 07:07:19 GMT
date: Thu, 09 Dec 2021 07:07:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4gXjFXX9ExNPFZnr/KNj3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ggcmb500.js Show response
secure-us.imrworldwide.com/novms/js/2/ Frame B1A7 2 KB
1 KB 118ms
32ms Script
application/javascript 34.250.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.37.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-37-38.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1804940bab9497accd774bf71ed5777ac803859c10efc54e312c4457fc616427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 15:15:21 GMT
server: nginx
etag: "6197bf89-353"
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 851

GET
H/1.1 200
OK anvatoextension.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/lib/ Frame B1A7 288 B
983 B 17ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/lib/anvatoextension.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=GsSnlg==, md5=iK4RmR1W/ZkNQKV+NmfhEw==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsWV-YeHGPutJRpEL9dWsc4GIw8wXD9qCzmvGlrHaKe6d9C7BQo4WXAdKOL-cUBAnC4Zm8ywnz74kFaKUWIdZ433NWWBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 195
Last-Modified: Fri, 03 Dec 2021 13:31:47 GMT
Server: UploadServer
ETag: "88ae11991d56fd990d40a57e3667e113"
X-HW: 1639033637.dop224.am5.shc,1639033639.dop224.am5.t,1639033639.cds015.am5.c
x-goog-generation: 1638538307322744
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 195
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK streamsense.4.1412.05.min.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/lib/ Frame B1A7 28 KB
10 KB 18ms
18ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/lib/streamsense.4.1412.05.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: a58e3a7f70f9ff30b74124150cfdd6ecf164baffe00eea93cb1c3f26f5d058b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=s9yKGw==, md5=XHt1C7lJrvO7vjMd6ijXEg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsbjT4nUTaqqggyBYckYsQUa4G41aNAhWd8UlMvQR7KBhk1tQMFdUcA4KzLgnVlKCQpm64Zf4YASHROwQpPK_poiEAGAQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 8915
Last-Modified: Fri, 03 Dec 2021 13:31:49 GMT
Server: UploadServer
ETag: "5c7b750bb949aef3bbbe331dea28d712"
X-HW: 1639033637.dop113.am5.t,1639033637.cds291.am5.shn,1639033639.dop113.am5.t,1639033639.cds232.am5.c
x-goog-generation: 1638538309362460
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 8915
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B1A7 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5541
date: Thu, 09 Dec 2021 05:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 07:34:58 GMT

GET
H/1.1 200
OK healthanalytics.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/experiments/ Frame B1A7 52 B
882 B 18ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/experiments/healthanalytics.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: e0c22c3a0050e50b95afee5c0dc7785e864d2500f1685aff40d200ab3f91df05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=QkYWYA==, md5=5Xk3Lq4cSUoBjtiMu3yKOg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdssW8Orhm4iu4Oc2ci8vFqeR8VpoiWFRvQnxGbiag2WHlCpsQdBrld69LV-4IOtjsan1YVT0Gnz-Xy5Sak0-Ebtv32uQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 72
Last-Modified: Fri, 03 Dec 2021 13:31:39 GMT
Server: UploadServer
ETag: "e579372eae1c494a018ed88cbb7c8a3a"
X-HW: 1639033637.dop203.am5.t,1639033637.cds287.am5.shn,1639033639.dop203.am5.t,1639033639.cds274.am5.c
x-goog-generation: 1638538299988015
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 72
Accept-Ranges: bytes
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame B1A7 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame B1A7 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 74B405120D6BD7E00098E4BF15452CCA.jpg
m104216-ucdn.mp.lura.live/iupl_lin/74B/405/ Frame B1A7 142 KB
143 KB 436ms
390ms Image
image/jpeg 34.117.216.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-ucdn.mp.lura.live/iupl_lin/74B/405/74B405120D6BD7E00098E4BF15452CCA.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=-FUfslksZB0_p6Zf1VYSVU-0xvk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.216.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.216.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9def22b041e07eab02739bdc6098e2c4247733973d4ff1c16fb8df165653ee1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
x-guploader-uploadid: ADPycdtZhmw4LUiTEPb3TUByclz4ePSSzeJ0WYSJz-stJ-vBgTrZE7VuRlG6VjUp1UMW8ORYVPJ-RM6DtmLRzedKHLsOOOkU_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 145911
last-modified: Thu, 09 Dec 2021 03:03:29 GMT
server: UploadServer
etag: "6b8bf79b05db3c7d653b3df120211914"
x-goog-hash: crc32c=hS43NQ==, md5=a4v3mwXbPH1lOz3xICEZFA==
x-goog-generation: 1639019009015361
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 145911
accept-ranges: bytes
content-type: image/jpeg

GET
DATA 200
OK truncated
/ Frame E3D6 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame E3D6 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ggcmb500.js Show response
secure-us.imrworldwide.com/novms/js/2/ Frame E3D6 2 KB
1 KB 88ms
32ms Script
application/javascript 34.250.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.37.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-37-38.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1804940bab9497accd774bf71ed5777ac803859c10efc54e312c4457fc616427

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 15:15:21 GMT
server: nginx
etag: "6197bf89-353"
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 851

GET
H/1.1 200
OK anvatoextension.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/lib/ Frame E3D6 288 B
1007 B 18ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/lib/anvatoextension.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=GsSnlg==, md5=iK4RmR1W/ZkNQKV+NmfhEw==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsWV-YeHGPutJRpEL9dWsc4GIw8wXD9qCzmvGlrHaKe6d9C7BQo4WXAdKOL-cUBAnC4Zm8ywnz74kFaKUWIdZ433NWWBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 195
Last-Modified: Fri, 03 Dec 2021 13:31:47 GMT
Server: UploadServer
ETag: "88ae11991d56fd990d40a57e3667e113"
X-HW: 1639033637.dop113.am5.t,1639033637.cds291.am5.shn,1639033639.dop113.am5.t,1639033639.cds015.am5.c
x-goog-generation: 1638538307322744
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 195
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK streamsense.4.1412.05.min.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/lib/ Frame E3D6 28 KB
10 KB 17ms
16ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/lib/streamsense.4.1412.05.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: a58e3a7f70f9ff30b74124150cfdd6ecf164baffe00eea93cb1c3f26f5d058b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=s9yKGw==, md5=XHt1C7lJrvO7vjMd6ijXEg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsbjT4nUTaqqggyBYckYsQUa4G41aNAhWd8UlMvQR7KBhk1tQMFdUcA4KzLgnVlKCQpm64Zf4YASHROwQpPK_poiEAGAQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 8915
Last-Modified: Fri, 03 Dec 2021 13:31:49 GMT
Server: UploadServer
ETag: "5c7b750bb949aef3bbbe331dea28d712"
X-HW: 1639033637.dop203.am5.t,1639033637.cds287.am5.shn,1639033639.dop203.am5.t,1639033639.cds232.am5.c
x-goog-generation: 1638538309362460
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 8915
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E3D6 49 KB
20 KB 136ms
80ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5541
date: Thu, 09 Dec 2021 05:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 07:34:58 GMT

GET
H/1.1 200
OK healthanalytics.js Show response
w3.mp.lura.live/player/prod/v3/9f486f97/experiments/ Frame E3D6 52 B
858 B 18ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/experiments/healthanalytics.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: e0c22c3a0050e50b95afee5c0dc7785e864d2500f1685aff40d200ab3f91df05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=QkYWYA==, md5=5Xk3Lq4cSUoBjtiMu3yKOg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdssW8Orhm4iu4Oc2ci8vFqeR8VpoiWFRvQnxGbiag2WHlCpsQdBrld69LV-4IOtjsan1YVT0Gnz-Xy5Sak0-Ebtv32uQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 72
Last-Modified: Fri, 03 Dec 2021 13:31:39 GMT
Server: UploadServer
ETag: "e579372eae1c494a018ed88cbb7c8a3a"
X-HW: 1639033637.dop224.am5.shc,1639033639.dop224.am5.t,1639033639.cds274.am5.c
x-goog-generation: 1638538299988015
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 72
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H2 200 3179903F4840DAD5EE68EFACDC3EB18A.jpg
m104216-ucdn.mp.lura.live/iupl_lin/317/990/ Frame E3D6 532 KB
533 KB 36ms
18ms Image
image/jpeg 34.117.216.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-ucdn.mp.lura.live/iupl_lin/317/990/3179903F4840DAD5EE68EFACDC3EB18A.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=Xk74dkF6hV8Lm0KJ-LMC2thbqww
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.216.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.216.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6d0018d957c8b0fd7c83a012a2a0d5eea54a8ba95c67cb232dee807c0d5f2af6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:34:17 GMT
age: 1982
x-guploader-uploadid: ADPycduZbs5Hu4BtxRi2E2sIrKR6MVXWGJ_ldyUp96SUkrAZtxG4pgu99J-B0JrAOxMlIM55ADRKzoclx7v5bt704w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 544753
last-modified: Wed, 08 Dec 2021 12:22:29 GMT
server: UploadServer
etag: "01140e8cab3bce7bedd5929ae5342278"
x-goog-hash: crc32c=NRvqIA==, md5=ARQOjKs7znvt1ZKa5TQieA==
x-goog-generation: 1638966149982034
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 544753
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9934 596 KB
194 KB 102ms
55ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Wed, 08 Dec 2021 06:43:36 GMT
expires: Thu, 08 Dec 2022 06:43:36 GMT
last-modified: Wed, 08 Dec 2021 06:40:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 87823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E3D6 44 KB
17 KB 161ms
55ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Dec 2021 07:07:19 GMT

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F7B7 596 KB
194 KB 80ms
52ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Wed, 08 Dec 2021 06:43:36 GMT
expires: Thu, 08 Dec 2022 06:43:36 GMT
last-modified: Wed, 08 Dec 2021 06:40:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 87823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B1A7 44 KB
16 KB 165ms
76ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Dec 2021 07:07:19 GMT

GET
H/1.1 200
OK comscoreplugin.min.js Show response
w3.mp.lura.live/player/prod/v3/plugins/comscore/ Frame B1A7 187 KB
55 KB 18ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/plugins/comscore/comscoreplugin.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 473274e3abd6ddc6f5d2478c98396b4653f4590f2ff3ce440f542d1d270b2ef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTY0MzkiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZwcGlkPTcyYTEzZTljLTUwY2QtNDNmYS05YzAxLWJiMzI2NTMzMDA0MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjE2NDM5JTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRDJmNDZiNDc1LWE2YmEtNDY4Ny04ODI1LWQ1MGI0NGRkZGQ4NiUyNmFtem5iaWQlM0R2X2U3d3IyOCUyNmFtem5paWQlM0RJb1FpREhSVmFnVlNFWGhnSHp1eFhHRUFBQUY5bmNYa2JRRUFBQTFTQkkwS3VHNCUyNmFtem5wJTNEMTkwbm9qayJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakUyTkRNNUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd016RTJOVE45LkpSeWlVY1QtemxESmpwRFI3UzdXS1JCNjhxQ1BlemJSNXdEZUZYaGN4eHMifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=Z20I3g==, md5=imiNjGfDXehmasMcEjRdyg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycduraamWGO5SPREXEJP7xf4GDtBKFIydvQPc7XDCRIi_gbNdGkq_8shtoMPJVqo4EHfivbL_RX2b988XlLg5QOFwLOupvQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 55062
Last-Modified: Fri, 03 Dec 2021 13:32:00 GMT
Server: UploadServer
ETag: "8a688d8c67c35de8666ac31c12345dca"
X-HW: 1639033637.dop224.am5.shc,1639033639.dop224.am5.t,1639033639.cds007.am5.c
x-goog-generation: 1638538320639776
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 55062
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H/1.1 200
OK comscoreplugin.min.js Show response
w3.mp.lura.live/player/prod/v3/plugins/comscore/ Frame E3D6 187 KB
55 KB 18ms
17ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/plugins/comscore/comscoreplugin.min.js
Requested by: Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 473274e3abd6ddc6f5d2478c98396b4653f4590f2ff3ce440f542d1d270b2ef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/player/prod/v3/anvload.html?key=eyJtIjoiTElOIiwidiI6IjcyMTM4MjIiLCJhbnZhY2siOiJ2THJvQkE5WkJHM0p3VHZhT2xpYmJ0b1BiNkw0anFKbCIsInNoYXJlTGluayI6Imh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8iLCJwbHVnaW5zIjp7ImNvbXNjb3JlIjp7ImNsaWVudElkIjoiNjAzNjQzOSIsImMzIjoid2dudHYuY29tIiwic2NyaXB0IjoiLy93My5tcC5sdXJhLmxpdmUvcGxheWVyL3Byb2QvdjMvcGx1Z2lucy9jb21zY29yZS9jb21zY29yZXBsdWdpbi5taW4uanMiLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsidmlkZW8iOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifSwiYWQiOnsiYzMiOiJ3Z250di5jb20iLCJuc19zdF9zdCI6IndnbiIsIm5zX3N0X3B1IjoiTmV4c3RhciIsIm5zX3N0X2dlIjoiTmV3cyIsImNzX3VjZnIiOiIifX19LCJkZnAiOnsiY2xpZW50U2lkZSI6eyJhZFRhZ1VybCI6Imh0dHBzOi8vcHViYWRzLmcuZG91YmxlY2xpY2submV0L2dhbXBhZC9hZHM%2Fc3o9MXgxMDAwJml1PS81Njc4L254LndnbnR2L25ld3MvY2hpY2Fnb19jcmltZSZpbXBsPXMmZ2RmcF9yZXE9MSZlbnY9dnAmb3V0cHV0PXZtYXAmdW52aWV3ZWRfcG9zaXRpb25fc3RhcnQ9MSZhZF9ydWxlPTEmZGVzY3JpcHRpb25fdXJsPWh0dHBzOi8vd2dudHYuY29tL25ld3MvY2hpY2Fnb2NyaW1lL21hbi1zaG90LWtpbGxlZC1uZWFyLWNoaW5hdG93bi1lbGVtZW50YXJ5LXNjaG9vbC8mdmNvbnA9MiZjdXN0X3BhcmFtcz12aWQlM0Q3MjEzODIyJTI2Y21zaWQlM0QxODgxMDE5JTI2cGlkJTNEMTg4MTAxOSUyNnBlcnNfY2lkJTNEbnhzdHJpYi01LWFydGljbGUtMTg4MTAxOSUyNnZpZGNhdCUzRCUyRm5ld3MlMkZjaGljYWdvX2NyaW1lJTI2Ym9iX2NrJTNEJTVCYm9iX2NrX3ZhbCU1RCUyNmRfY29kZSUzRG5hMDAzJTI2cGFnZXR5cGUlM0RzdG9yeSUyNnBsYXllcndpZHRoJTNEODc2JTI2cGxheWVyaGVpZ2h0JTNENDkzJTI2dXBpZCUzRGRjNGY4YTVlLTA1NmEtNDg0ZC05YzE0LTY0Njk5MDI3MzAyNSJ9fSwibmllbHNlbiI6eyJhcGlkIjoiUEQyRUM3MDcyLTI3MzAtNEMzMi1CMkEzLUM5QUVFNzc4MjRGNCIsInNmY29kZSI6ImRjciIsInR5cGUiOiJkY3IiLCJhcG4iOiJBbnZhdG8iLCJlbnZpcm9ubWVudCI6InByb2R1Y3Rpb24iLCJ1c2VEZXJpdmVkTWV0YWRhdGEiOnRydWUsIm1hcHBpbmciOnsiYWRsb2FkdHlwZSI6MiwiYWRNb2RlbCI6Mn0sIm9wdE91dCI6ZmFsc2V9LCJzZWdtZW50Q3VzdG9tIjp7InNjcmlwdCI6Imh0dHBzOi8vc2VnbWVudC5wc2cubmV4c3RhcmRpZ2l0YWwubmV0L2FudmF0by5qcyIsIndyaXRlS2V5IjoiWXhuaTNJMTdPS2s5S1RVZjFSbW1zeVllcXhGa0VUbzIiLCJwbHVnaW5zTG9hZGluZ1RpbWVvdXQiOjEyfSwiZ29vZ2xlQW5hbHl0aWNzIjp7InRyYWNraW5nSWQiOiJVQS0zNDEzMzg4NC0xMyIsImV2ZW50cyI6eyJBRF9TVEFSVEVEIjp7ImFsaWFzIjoiVmlkZW8tQWQiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fU1RBUlRFRCI6eyJhbGlhcyI6IlZpZGVvLVBsYXkiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fRklSU1RfUVVBUlRJTEUiOnsiYWxpYXMiOiJWaWRlby0yNSUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVklERU9fTUlEX1BPSU5UIjp7ImFsaWFzIjoiVmlkZW8tNTAlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX1RISVJEX1FVQVJUSUxFIjp7ImFsaWFzIjoiVmlkZW8tNzUlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlZJREVPX0NPTVBMRVRFRCI6eyJhbGlhcyI6IlZpZGVvLTEwMCUiLCJjYXRlZ29yeSI6IlZpZGVvIiwibGFiZWwiOiJbW1RJVExFXV0ifSwiVVNFUl9QQVVTRSI6eyJhbGlhcyI6IlBhdXNlIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn0sIlVTRVJfUkVTVU1FIjp7ImFsaWFzIjoiUmVzdW1lIiwiY2F0ZWdvcnkiOiJWaWRlbyIsImxhYmVsIjoiW1tUSVRMRV1dIn19fSwiaGVhbHRoQW5hbHl0aWNzIjp7fX0sImh0bWw1Ijp0cnVlLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YxUWlMQ0poYkdjaU9pSklVekkxTmlKOS5leUoyYVdRaU9pSTNNakV6T0RJeUlpd2lhWE56SWpvaWRreHliMEpCT1ZwQ1J6TktkMVIyWVU5c2FXSmlkRzlRWWpaTU5HcHhTbXdpTENKbGVIQWlPakUyTXprd01EZzRNemQ5LjRRTUxVYWVHTHVCVFVoNmtuc1F0UVdHZ3pJZWpDSnAxem1JbE9DMW1TY1UifQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=Z20I3g==, md5=imiNjGfDXehmasMcEjRdyg==
Date: Thu, 09 Dec 2021 07:07:19 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycduraamWGO5SPREXEJP7xf4GDtBKFIydvQPc7XDCRIi_gbNdGkq_8shtoMPJVqo4EHfivbL_RX2b988XlLg5QOFwLOupvQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 55062
Last-Modified: Fri, 03 Dec 2021 13:32:00 GMT
Server: UploadServer
ETag: "8a688d8c67c35de8666ac31c12345dca"
X-HW: 1639033637.dop113.am5.t,1639033637.cds291.am5.shn,1639033639.dop113.am5.t,1639033639.cds007.am5.c
x-goog-generation: 1638538320639776
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 55062
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D495 37 KB
13 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Dec 2021 07:45:53 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9871 37 KB
13 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:45:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 09 Dec 2021 07:45:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11B3 0
0 90ms
90ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=4394669239311329&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 3179903F4840DAD5EE68EFACDC3EB18A.jpg
m104216-ucdn.mp.lura.live/iupl_lin/317/990/ Frame E3D6 532 KB
532 KB 14ms
14ms Image
image/jpeg 34.117.216.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-ucdn.mp.lura.live/iupl_lin/317/990/3179903F4840DAD5EE68EFACDC3EB18A.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=Xk74dkF6hV8Lm0KJ-LMC2thbqww
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.216.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.216.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6d0018d957c8b0fd7c83a012a2a0d5eea54a8ba95c67cb232dee807c0d5f2af6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:34:17 GMT
age: 1982
x-guploader-uploadid: ADPycduZbs5Hu4BtxRi2E2sIrKR6MVXWGJ_ldyUp96SUkrAZtxG4pgu99J-B0JrAOxMlIM55ADRKzoclx7v5bt704w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 544753
last-modified: Wed, 08 Dec 2021 12:22:29 GMT
server: UploadServer
etag: "01140e8cab3bce7bedd5929ae5342278"
x-goog-hash: crc32c=NRvqIA==, md5=ARQOjKs7znvt1ZKa5TQieA==
x-goog-generation: 1638966149982034
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 544753
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 30BB 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 18:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 133444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 18:03:15 GMT

GET
H2 200 anvato.js Show response
segment.psg.nexstardigital.net/ Frame B1A7 64 KB
22 KB 40ms
6ms Script
application/x-javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://segment.psg.nexstardigital.net/anvato.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba08d089deaf9ab4e9b0760ebea31f3b587dce750d5928aa5b97e454d6a7e70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1826
via: 1.1 varnish
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:564329123274:build/prod-frontend-segment:a0947da3-12a6-4d11-9a0d-58592c364188
x-cache: HIT
x-amz-request-id: HJ7AYDNB0EJQDWRG
x-amz-meta-codebuild-content-md5: 91f4f751a7000c23606574e4a00b8681
content-length: 21454
x-amz-id-2: yWVeucpOnsV1nGvQSU6U/bGcXY+a97Oa5OcLs0MfmnVWxEn22rhyQkHNxCn+0RivE81bEyGcFtA=
x-served-by: cache-hhn4067-HHN
last-modified: Thu, 02 Dec 2021 21:22:41 GMT
server: AmazonS3
x-timer: S1639033640.573712,VS0,VE0
etag: "899dde54c59091b16380f2ca1521a112"
strict-transport-security: max-age=300
x-amz-meta-codebuild-content-sha256: 663db6abe6e104dff62b7b1df0cafdce13d75dd6a7f2e16ceb901f6cac73328b
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 5

GET
H2 200 PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js Show response
cdn-gl.imrworldwide.com/conf/ Frame E3D6 33 KB
7 KB 83ms
16ms Script
application/javascript 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c023e6b10b9d088f8a9fee48cad2c00dc9d8b1d87de3f3cf30242443fef73247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ddp5CWzwhvwXd6A2695ZqnifGlEfZpO2
content-encoding: gzip
etag: W/"0b28627cfc1cc567da33fd7a0ffcf33b"
last-modified: Wed, 08 Dec 2021 17:18:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 09 Dec 2021 07:07:19 GMT
x-amz-cf-id: dq7G_5TgVSeTw0W9tEj0YvN84SLTKqnyvMMZmt5OV3SHgqqc5T-bTg==

GET
H2 200 anvato.js Show response
segment.psg.nexstardigital.net/ Frame E3D6 64 KB
21 KB 13ms
8ms Script
application/x-javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://segment.psg.nexstardigital.net/anvato.js

Requested by

Host: w3.mp.lura.live
URL: https://w3.mp.lura.live/player/prod/v3/9f486f97/scripts/anvplayer.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba08d089deaf9ab4e9b0760ebea31f3b587dce750d5928aa5b97e454d6a7e70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1826
via: 1.1 varnish
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:564329123274:build/prod-frontend-segment:a0947da3-12a6-4d11-9a0d-58592c364188
x-cache: HIT
x-amz-request-id: HJ7AYDNB0EJQDWRG
x-amz-meta-codebuild-content-md5: 91f4f751a7000c23606574e4a00b8681
content-length: 21454
x-amz-id-2: yWVeucpOnsV1nGvQSU6U/bGcXY+a97Oa5OcLs0MfmnVWxEn22rhyQkHNxCn+0RivE81bEyGcFtA=
x-served-by: cache-hhn4067-HHN
last-modified: Thu, 02 Dec 2021 21:22:41 GMT
server: AmazonS3
x-timer: S1639033640.573829,VS0,VE0
etag: "899dde54c59091b16380f2ca1521a112"
strict-transport-security: max-age=300
x-amz-meta-codebuild-content-sha256: 663db6abe6e104dff62b7b1df0cafdce13d75dd6a7f2e16ceb901f6cac73328b
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 6

GET
H2 200 PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js Show response
cdn-gl.imrworldwide.com/conf/ Frame B1A7 33 KB
7 KB 11ms
10ms Script
application/javascript 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js
Requested by: Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/novms/js/2/ggcmb500.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c023e6b10b9d088f8a9fee48cad2c00dc9d8b1d87de3f3cf30242443fef73247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ddp5CWzwhvwXd6A2695ZqnifGlEfZpO2
content-encoding: gzip
etag: W/"0b28627cfc1cc567da33fd7a0ffcf33b"
last-modified: Wed, 08 Dec 2021 17:18:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Thu, 09 Dec 2021 07:07:19 GMT
x-amz-cf-id: jDi12QrSdeWEKVXc-VE-1Sb8rw8wXk5iHFrBb0FPLgkL9kgM0WlSSw==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ Frame E3D6 193 KB
54 KB 12ms
11ms Script
application/javascript 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding: gzip
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 1056
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 09 Dec 2021 06:49:44 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 60eiAYiVprFEM6kTJsWWjTIDArMaYIBNZEiPeRd_ir6PRLH1-ZryWA==

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ Frame B1A7 193 KB
54 KB 8ms
8ms Script
application/javascript 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PD2EC7072-2730-4C32-B2A3-C9AEE77824F4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding: gzip
etag: W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
server: AmazonS3
age: 1056
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 09 Dec 2021 06:49:44 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0Lm_o9ZVjp4isEUfLMlVBFT9KXrODLGsZSDZbYcCDs0Q91ZS5dwN1Q==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame BDA9 12 KB
4 KB 8ms
7ms Document
text/html 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/

Response headers

content-type: text/html
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Dec 2021 06:08:42 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Tqx0KUAtrvr9abAj62ixwyWSy6QujbxJyrRkgdxvwA5WAPxqgxUATQ==
age: 3517

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame CA11 12 KB
4 KB 7ms
7ms Document
text/html 2600:9000:2156:c800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/

Response headers

content-type: text/html
last-modified: Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server: AmazonS3
content-encoding: gzip
date: Thu, 09 Dec 2021 06:08:42 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: F6ftPDvrIzelZuu5jf0qus1T-H2_mVDdo6mrL0PaRQo42YNW-eTzmg==
age: 3517

GET
H2 200 74B405120D6BD7E00098E4BF15452CCA.jpg
m104216-ucdn.mp.lura.live/iupl_lin/74B/405/ Frame B1A7 142 KB
143 KB 16ms
16ms Image
image/jpeg 34.117.216.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-ucdn.mp.lura.live/iupl_lin/74B/405/74B405120D6BD7E00098E4BF15452CCA.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=-FUfslksZB0_p6Zf1VYSVU-0xvk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.216.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.216.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9def22b041e07eab02739bdc6098e2c4247733973d4ff1c16fb8df165653ee1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:19 GMT
age: 0
x-guploader-uploadid: ADPycdtZhmw4LUiTEPb3TUByclz4ePSSzeJ0WYSJz-stJ-vBgTrZE7VuRlG6VjUp1UMW8ORYVPJ-RM6DtmLRzedKHLsOOOkU_g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 145911
last-modified: Thu, 09 Dec 2021 03:03:29 GMT
server: UploadServer
etag: "6b8bf79b05db3c7d653b3df120211914"
x-goog-hash: crc32c=hS43NQ==, md5=a4v3mwXbPH1lOz3xICEZFA==
x-goog-generation: 1639019009015361
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 145911
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame BDA9 44 B
561 B 34ms
33ms Image
image/gif 34.250.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PD2EC7072-2730-4C32-B2A3-C9AEE77824F4&sessionId=aqxxvhh8dxxv1r86us6jzka63fyhy1639033639&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.37.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-37-38.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 07:07:19 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com/ Frame BDA9 35 B
350 B 69ms
16ms Image
image/gif 2600:9000:2156:c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:29:10 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 13090
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: QX7Ur303D8q9rd8pSI0saZpr_jFzSuiDpiR4iXWcft7HPChKM7jdqw==

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame CA11 44 B
560 B 41ms
41ms Image
image/gif 34.250.37.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PD2EC7072-2730-4C32-B2A3-C9AEE77824F4&sessionId=plzkwur5avx7gcrulukzym6izttgm1639033639&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.37.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-37-38.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 07:07:20 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com/ Frame CA11 35 B
349 B 48ms
7ms Image
image/gif 2600:9000:2156:c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:29:10 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 13090
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: PfdY5j7jR0fgNrVn0AykQBvSCbaernYiPKq0Q-cL1QEdzgYJGctJtA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=4394669239311329&bg=!mJulm9_NAAZKWFskSlg7ACkAdvg8WhIZZppUHR70ejXtf4ZqRll7L4_JiyebKw8EWE0EvgQXQjM_GAIAAAFFUgAAABpoAQcKAIQvoqb6c1c6AxRH0RNvJ8gAyXytla_CY3zekzC53WvyUrUvf4Z879sSCaciNaPKwqzNLBtvb_O55miMzoE4r_LVIyK1DpHIP1_PitXkzvaKIUjGBA7uIytK0kPnsSnzRd0o3ZGqmpLzZJ-gNia0AWb0x7UW6F6jxcbyMl5MfXtck7yOn3WZApLFRKi0nPer0Z3h2TrQbzzrqyLxTDsWCu9_JZOptZzV4U-HyLogKifgmfZL0VpDHqhGSrE-129lzyUIQjn2nTg-7I7qncH8qpmss588ZpPblD46s1W5OWQjUAFXzD7xuPXp_P5QXvQlWR-OREyOcTW5w4uDSQTJKvS38JcCFx_kzlAgReM8YHW3TU5lzlp8JIMDQe-3m2UcMv1AywlsAZfLzrlvHFGk9tpNEWoXNxUTWtbYY9LCA6TIn34orbVOLcAyhrFusr0dMHbYpw1g5wcFLwt7amHkgCeK9IuC-hXgjAkj1zTLnH9_UG2-0yKRI_Tdhy5ITQh5paGF2K3HGLSUWOn4H7vHMsuU3gd469d7Bkm65doXeOgHtnt7uy0779P39woxajS16ZG4iH3SnKnVj0cQsDteQ22wP7f1dR6rcEKSApUCrHiBD54WzCGokoaZUo-fyw2PpoZJffbBZ0iyDIywN5LTWtVr1hTqbH9TihCllqjD-eZEYAK5xNNyrCPMkiqXiaxdwOpfW6MjOPuUIAKdSsw0Gjr-SeHJz6mFi7GL_iaO55OidcGTFHjxzLwFFeHBH6pgluHblwWaBpMuVTPge8qZnQYSJ7ynWmMNr-7b9zfBZdcayMVWfhlVZZGXuBdU0EYTXbH8ZDv5IK22dxj2gfyVG6lfbrKmxtdjYXFjW5CJrjXXucB8dE8xcQ8ZhSE4_iCZQxl4i4JlRX83Bbe_9-M_gFOg089CKG-1wQXDt2K3_JT806D-R_NyxjlSZFZ55n4wydA5HWfxHW427LBUGbyfue1BgZuan_7UWgyhSGZRuNJDW_oQqQP88Kl7mZSB8zOQf1xAWStra8xdIrD9YEKAY9QEKWas4sTKw2dF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gua.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 07:07:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A8A7 28 B
54 B 56ms
56ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/46ac5f60/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/78HGjCX5L7o?start=
X-YouTube-Client-Version: 1.20211205.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1UVl4U2ZVal9UOCil1saNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639033638019&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C897%2C592&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 09 Dec 2021 07:07:20 GMT

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-M0.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 83 KB
83 KB 496ms
455ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-M0.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=iG5PsJ-VFAE6TtajL2UTL8iY494
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 83281e89d0daa0d1bb2810c64f6353b56babd9b83ee4553cd9b9a4da4104f714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycdtuPRxKh1tmYjAo81_dWqBdTgC_02RmWPUaN3Hw72AObw1OKTnYVpQqFeVI5MKdIL07TM3zZ7FV5ur1xSg1ddxaxb5Ozw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 84528
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "aea5b7423d24315636bb0d56f315fa72"
x-goog-hash: crc32c=pj6knA==, md5=rqW3Qj0kMVY2uw1W8xX6cg==
x-goog-generation: 1639019265360265
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 84528
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-M1.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 83 KB
83 KB 480ms
439ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-M1.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=6sNG5qMpx61Ifllrsf6iHQ_5SsM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0c49ad3056cb84fd38dd808c0fbbc7b36c0efe1cfd8203c2c1d116a5988e63e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycduBkntJChSWoaSKOdFUihgKTMI4FN7TCd-EjJBCWEATeJzNkwX_qtiq_S0fmk5TITDstvgacfvb5BTFTTzLye8zQdHOzw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 84619
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "84ee005cb285d6c2ab391f5ca0f02ca4"
x-goog-hash: crc32c=mhZlOQ==, md5=hO4AXLKF1sKrOR9coPAspA==
x-goog-generation: 1639019265405891
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 84619
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-M2.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 61 KB
61 KB 621ms
581ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-M2.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=WBHU3giSxiIZxy5fBCQemxDXDLc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 18fbf31fe7ee8d6e6fa57b6f330670a3131a54d7a4a3f6cd25886f888d2d3378

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycds-fgDnWJ6YWYNY0fPLXZ7OTPZJcSmLbBiy8To8KV0cHTgfbxyA53IDrLmsQXZx6-zDnlUh-_TonN3JM3KmJgACsI_4Tg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 62000
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "0ba4a554657c2d911f1a63392a59f63c"
x-goog-hash: crc32c=d9Ilmg==, md5=C6SlVGV8LZEfGmM5Kln2PA==
x-goog-generation: 1639019265457731
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 62000
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-M00.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 75 KB
75 KB 431ms
391ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-M00.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=z6flnSW7TjnDNFK0pNf5SPFYaf4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 29e807320e7325d468eb8a030d50d6d216ea95d9f6b2e187741ae40fba2cd33a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycdvr4-OhchYMZ5TpGvmCVLkoANq8a8RFsfQZ57s4qYCsK2wGYbKbYZhn4aOaXEKP2izpowFoj_FrMgxso_PiX2eZpwqWMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 76564
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "2406c8497246e1d8c11adeedbbbd36bf"
x-goog-hash: crc32c=SECCtQ==, md5=JAbISXJG4djBGt7tu702vw==
x-goog-generation: 1639019265501415
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 76564
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-hi.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 51 KB
51 KB 595ms
554ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-hi.bif?Expires=1639037238&KeyName=mcpkey1&Signature=IdT5zmG2-N9B8vsvhcKAw7C0sJ0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycdvh_eqJgX3-rdfkeGt3hPDFEGJden0PqNpivMbDpnrAU45OZOB3LsQOPMtoWRNl_bKROy2t2vhqHsuK12na6HjkNzhkUg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3970372
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "1a7983ca5e534f2bddbc60442afb1dd8"
x-goog-hash: crc32c=+IVO5A==, md5=GnmDyl5TTyvdvGBEKvsd2A==
x-goog-generation: 1639019265674380
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 3970372
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-med.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 62 KB
62 KB 457ms
417ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-med.bif?Expires=1639037238&KeyName=mcpkey1&Signature=iAYvL2uyMXcWswdpl1NQIMtEkYs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:20 GMT
x-guploader-uploadid: ADPycds8aF5Vj72T6RQ1znHnH-y4NhYnJmBD3xph5h4iQyX-w6q9TcBHztcaTx_GziBtgwobeL-nkC4RRvz-hztoWR98ndeBOQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1297446
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "a2c49d5fd76f70ef9cc497ad5afa2190"
x-goog-hash: crc32c=6XHNyw==, md5=osSdX9dvcO+cxJetWvohkA==
x-goog-generation: 1639019265751149
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 1297446
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 592034FE7B406E93DF1C2584C7F31646_pvw-lo.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/ Frame B1A7 62 KB
62 KB 388ms
388ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/592/034/592034FE7B406E93DF1C2584C7F31646_pvw-lo.bif?Expires=1639037238&KeyName=mcpkey1&Signature=eoSpRz_ima0V7gESTTN0MgP3EDg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 07:07:21 GMT
x-guploader-uploadid: ADPycdsOoMkjonRUxUrffRM9PU4ZyMDZujZH5KvWJvQscgG4LZfmbHE4thtDgf0o5F6t__OUE6jmACQFCkWZxRPb48loeZhxfw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 433204
last-modified: Thu, 09 Dec 2021 03:07:45 GMT
server: UploadServer
etag: "686701025ed6b96d8097b14b5c80550f"
x-goog-hash: crc32c=lqLEXg==, md5=aGcBAl7WuW2Al7FLXIBVDw==
x-goog-generation: 1639019265821807
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 433204
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-M0.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 86 KB
86 KB 78ms
68ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-M0.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=W9kkkykeWoqk7mJHBma2hu3K14g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 92f0f4b57fc4a1ff73ffc82d8e3f3dffbc362e2d16923a455edd78dab5294414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycdsU1Mw54H6JQxz6jY9eHu-6h6S7nn7NNA7sQRj45oiG0QrQrJIfQfhJwVBhFsH4Y8Qj8du-H5dr49-zBueP1a-ze56iQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 87683
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "4f475800784c662c0bf1bfc9073ef569"
x-goog-hash: crc32c=Oo7S/g==, md5=T0dYAHhMZiwL8b/JBz71aQ==
x-goog-generation: 1638966394106737
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 87683
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-M1.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 76 KB
76 KB 76ms
66ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-M1.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=P9sD5d_p-lisHcr7dlEntwyLgCk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7d443e9660a48b6d35688849e0e6a73ef80f197ba83c72323d2bcfaac4b8fce8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycdu1TdcmbWocuaEDYDoXqouLhpPJumFYTrtDvi8WvNWJgJjUTH5yoRxKtBcf7e8o_VfoZznZfbWZFX75MxMhnkdD-0IeOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 77998
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "801e216a64f5c75c7450a697d6b9bb8a"
x-goog-hash: crc32c=K9crXA==, md5=gB4hamT1x1x0UKaX1rm7ig==
x-goog-generation: 1638966394157730
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 77998
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-M2.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 17 KB
17 KB 82ms
72ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-M2.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=mt8NU1Kx08vEBHX26-UkcGBbVVk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dece9f8cf1ecdeeedfc42944633b716cb39eef216ac1b7dabce877543e6f7c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycdvBlYvfJhztnOCGbB3a8um3iX51sCiE07Ul_kqbAIDOAPNtlYsB5ta01q6LJpLvm3G2b9jJodSmmT2BfZEK6Tu2q0ZQTQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 17234
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "a3bd8e1a603ddfc6a111fa5a7f44de0f"
x-goog-hash: crc32c=EPl/lQ==, md5=o72OGmA938ahEfpaf0TeDw==
x-goog-generation: 1638966394210856
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 17234
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-M00.jpg
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 58 KB
58 KB 80ms
70ms Image
image/jpeg 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-M00.jpg?Expires=1639037238&KeyName=mcpkey1&Signature=sjACoO3Axc-wdW_Jb9pR5_OwxcQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: def2c5aeddc2cce637bbc11539332e0b332c2535dc871e0b72b25d51c3475dac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycdtVYSJTIS_AA0-O1PTsL3L8nGpc7KPJLI_wQC4d2KMnGOc0m8FvyInID5FlOupVim7giuU7qQ7N1cvo_ZSNBJKRC9RsGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 59633
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "8d3a443ec13a89a459eba71ddb685d5a"
x-goog-hash: crc32c=iV0Eiw==, md5=jTpEPsE6iaRZ66cd22hdWg==
x-goog-generation: 1638966394263134
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 59633
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-hi.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 64 KB
64 KB 90ms
81ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-hi.bif?Expires=1639037238&KeyName=mcpkey1&Signature=L7U3W6djekIlv7yos1bg8y8hQ-A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:23:14 GMT
age: 2646
x-guploader-uploadid: ADPycdtwXTrRv6zKJpVIyoIAJu_OTMuCG-DjbbMHI_v54P3dZu9aM3mIjbpFgQ7z3IIY8CUAJr0R5_qjsH4aXUSBaw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 3155745
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "59bd8f5456b8853878bc4b5ac9c8adc8"
x-goog-hash: crc32c=m4iY/g==, md5=Wb2PVFa4hTh4vEtaycityA==
x-goog-generation: 1638966394519039
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 3155745
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-med.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 27 KB
27 KB 29ms
20ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-med.bif?Expires=1639037238&KeyName=mcpkey1&Signature=O4RFfMUTxL29LKkUs4CPt3-z6Lc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycduW0cWXE3RC5yNNpnbolQfEyKUSZP6IAwY2JG0kF0nhmkBDUFqKactRBiaoDWB-JNK48OK8tLNEDWUuFS3MVJ0fgqLYyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1032921
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "a2704a0398e117679de43f9183aeb7a5"
x-goog-hash: crc32c=Stu4RQ==, md5=onBKA5jhF2ed5D+Rg663pQ==
x-goog-generation: 1638966394598113
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 1032921
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 200 FEC465E944B9C073A051CC2CAC316761_pvw-lo.bif
m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/ Frame E3D6 32 KB
32 KB 45ms
45ms Image
binary/octet-stream 34.149.83.205
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m104216-gcdn.mp.lura.live/1/938884/pvw_lin/FEC/465/FEC465E944B9C073A051CC2CAC316761_pvw-lo.bif?Expires=1639037238&KeyName=mcpkey1&Signature=VnKy_V_qSUq3qJsEGwh20DAlDq4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.83.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.83.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://w3.mp.lura.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 06:38:30 GMT
age: 1730
x-guploader-uploadid: ADPycdu7c-xfoSt69wV8B88hGEPE-d0sLVMCEd_Dl__5nhydNCzuzjYKo-UUCRMxAYfrZrNe6ZjPU-h7Plgglc-nVU8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 339681
last-modified: Wed, 08 Dec 2021 12:26:34 GMT
server: UploadServer
etag: "ea49067ec0ec7d4cafa4ad90a1f513bd"
x-goog-hash: crc32c=DVTGMg==, md5=6kkGfsDsfUyvpK2QofUTvQ==
x-goog-generation: 1638966394653118
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 339681
accept-ranges: bytes
content-type: binary/octet-stream

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gua.media/	1969-12-31 23:59:59	Name: _csrf Value: DrofWLnxuXAAlIktxFz8ovUE
gua.media/	1970-01-19 23:37:23	Name: express.sid Value: s%3AnNkjPul_yOv2lYp30uNx-ARV9odxq8qS.%2B22C0Ru7zjG438HsSmDYXRDbH%2BqodW4gvtNpDO%2FJ4q8
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Q4nrSE5zV9M
.youtube.com/	1970-01-20 03:36:25	Name: VISITOR_INFO1_LIVE Value: uQYxSfUj_T8
.gua.media/	1970-01-20 08:38:49	Name: __gads Value: ID=aa54eef11ae733a2-2225877448cc0039:T=1639033638:RT=1639033638:S=ALNI_MYuc6KCadOYYj50a-_53-STr9VoIg
.doubleclick.net/	1970-01-19 23:17:14	Name: test_cookie Value: CheckForPermission
.imrworldwide.com/	1970-01-20 08:38:49	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 08:38:49	Name: IMRID Value: a660e040-58be-11ec-bf10-851509b6562a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.mp.lura.live
adservice.google.com
adservice.google.de
aqxxvhh8dxxv1r86us6jzka63fyhy1639033639.nuid.imrworldwide.com
cdn-gl.imrworldwide.com
cdn.statically.io
dcs-vod.mp.lura.live
fonts.gstatic.com
googleads.g.doubleclick.net
gua-prod.s3-us-west-1.amazonaws.com
gua.media
i.dailymail.co.uk
i.ytimg.com
images.chinatimes.com
imasdk.googleapis.com
m104216-gcdn.mp.lura.live
m104216-ucdn.mp.lura.live
nypost.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform.twitter.com
plzkwur5avx7gcrulukzym6izttgm1639033639.nuid.imrworldwide.com
s0.2mdn.net
secure-dcr.imrworldwide.com
secure-us.imrworldwide.com
segment.psg.nexstardigital.net
static.doubleclick.net
syndication.twitter.com
tkx.mp.lura.live
tpc.googlesyndication.com
w3.mp.lura.live
www.google-analytics.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.8
151.101.2.133
192.0.66.32
192.229.233.25
216.58.212.162
2600:9000:2156:c00:1d:667e:2a40:93a1
2600:9000:2156:c800:2:42d9:3100:93a1
2606:2800:134:1a0d:1429:742:782:b6
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2016
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2006
2a02:26f0:6c00:2b4::16c2
2a04:4e42:400::649
34.117.216.134
34.149.83.205
34.250.37.38
35.209.67.224
35.224.142.165
35.244.137.27
35.244.172.227
52.219.116.249
54.241.229.83
69.16.175.10
01e7b173cb551eceea8f468509e0783ec619b0a44854233783803aff4555f78d
0303574f83ef71ce9e48310cd90d0249289ca8ae99979a18fed695794fd3d878
030f6f4c06a41fc7fb90257c3eae35b043299b876b7a2aba987939d8e5a60088
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
0489810074dc3a37552700794bbd809b6022054d70f1b11b8b7be375fa4ad2f5
079d1ce97042bd9131366bfa7fc499577fc1e36fddfd358a586499454e72e8fe
0c49ad3056cb84fd38dd808c0fbbc7b36c0efe1cfd8203c2c1d116a5988e63e4
0e7659842e66f19e04ca8bc0529c7b0708f7cffbe40f956e459ffb0ba5c41003
11d24f62c32af98af1804be380a821385f1f76220ff21c4207172ba9bbc2f7d6
1804940bab9497accd774bf71ed5777ac803859c10efc54e312c4457fc616427
18fbf31fe7ee8d6e6fa57b6f330670a3131a54d7a4a3f6cd25886f888d2d3378
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
2102c5b2944e0c392947ce586022eb776295d121f851e8327144deeb4ee56747
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
2631d5da88a6264e01949a96289fe01001017c7c9864c0e141a79dbaae0c730b
28ac362de7e7d05ab9688831b582ba5f4d801a593450d8af7f2fbd9647292e21
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
29e807320e7325d468eb8a030d50d6d216ea95d9f6b2e187741ae40fba2cd33a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35760a0360e76544a9cfd3ba5390b3480d602c710c1b92f5c23e4bab9815124d
35eb98c0cb2c385a7e0dfeb5ba61367824c9786fa28f5bc85c39ecdf3c136ab2
36719929156b29b16afa1c63d3a9b991869fb9a4751f987324894b7245262d1b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405492bee11d5fd04c09e97924ce4af28642396f1daaa53fc223e7075782f507
473274e3abd6ddc6f5d2478c98396b4653f4590f2ff3ce440f542d1d270b2ef8
49f17b1dafa7f3a405c28c72763db72fdfb32fdd2a90147872f148bf0d9e1a78
531ef81b8374ae49d87401c9deff0f1f091b18a8e9c526cc37660f4efd466c8c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f50c507f91e7780daa5001dccb0fa0369a972e9c3c9bcd4ab89b4d5a574d9ef
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621f42947cbe40ddf093ba3c85daa9568ddd252ec869de0edf2a7da6eaec0633
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
661845fee6d5d628f8b4cfadcee2ccad7df9bdcdb1283ea4053ed26d975de231
66b49367038935213a885e9124e03f6b634babe7b8c7a49de6d87a8ee3388ca9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d0018d957c8b0fd7c83a012a2a0d5eea54a8ba95c67cb232dee807c0d5f2af6
710fb367861d9e2aa054a52327c5c7f939f9c4d88f0afb5e96fac1d28595f8ef
71a192c3d5781040e9ecf3746c304715eefb61b65285533c4655e4b8a69413c1
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7d443e9660a48b6d35688849e0e6a73ef80f197ba83c72323d2bcfaac4b8fce8
83281e89d0daa0d1bb2810c64f6353b56babd9b83ee4553cd9b9a4da4104f714
859986c6ca2bee4f39918f17a31763de8819fbd59dd75014a30631b0683e5b9c
85c731335cb155ce9586c42b54bb17da38a48492902481c252447970064d9667
8d00a1a5a620b646f82f0ff47ee01b034878067a31e963ec5d8c1dddea341bf8
91d1617e85be431120f060aa741577f5660b69603adb8f5dd830892284d5626b
92f0f4b57fc4a1ff73ffc82d8e3f3dffbc362e2d16923a455edd78dab5294414
95a7e3847852009bd0e96d6ea636693bd0c2707cd78594d5f59f3fc7b0602d72
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
993c58ad3f0e7d5344de2eb67b12ea9b747a6200c990b88e0b7922a211966bc4
9bd1fe68687d635e94599589c8e439ee98cd24bc890dc4494ad70134eb63172b
9be210727903067f32a617f95fe1196d36e7cc74a34fc4bc5d0ada047fc7edee
9def22b041e07eab02739bdc6098e2c4247733973d4ff1c16fb8df165653ee1e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a58e3a7f70f9ff30b74124150cfdd6ecf164baffe00eea93cb1c3f26f5d058b9
a6ec215ae1f79058f76e3ac67a8637b37baadf10dabcd5450b0cc8d0fa97934a
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
af39b4d8dfd27cbd91c943dc79268f6fa625840e57f093c5f24b774bfc601d9d
af6b3f22fae3347e028af16caac5507109ea1161238d193467de1065060b2330
b0618e494e2482b4221278ae3af987f7c2d42ba6bc326801b735d2b21baa9cfe
b06b1f6c3a1932f34b32c00c00f7e635aeb897e0a045197f47039e44d19e938f
b0a5e84d37c0709a0ee28281b1678c168ade905efb0edd03c9aaffbf8614d144
b510a882c697c69a11442c364a3e878dd12729f27c01c3b8054c643456034932
b5498bc67ac496a3fc5af517d67021c41a5c96115e91bf953fc4d3e754b41ba7
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b8d2d5f209843357c521bc9e45c43341f93933bd4ac31f7b4024931a62e82af1
ba08d089deaf9ab4e9b0760ebea31f3b587dce750d5928aa5b97e454d6a7e70b
c023e6b10b9d088f8a9fee48cad2c00dc9d8b1d87de3f3cf30242443fef73247
c0ac011e5df6196c4280c3509cd46fd0aa2d5a0c5bcef171580fcaeb21e75a29
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c240e50cc2336dd065d8cc675d4f3d44b03e22064a650a1ade27b55f782d0834
c536444c5b5dad1ab57e9554beb77255bd5f9ecb6ed0359f4b80d9a89ce90b54
c6866b9b91268d38d8d2d7c43720bef4afccf5a61cf9c341ade90b99c9bf1f83
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca43b4701546d04698c5eb3d6cba173b76cceb3d82a0fe1e559203cf8c26faec
cb520c6b3bba20f40bb4e1a1a65dd718e510b8663fffb3b601f47e05097745a7
cf7a5e247670e38e5261135aa0a8e52c8468f57de804078c4316310b742da9a5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3450903915ec1f9c1e658da95d93b040e35fb62de2843615b44fd446f494448
d78afd4305735be6e1642d72b3610e3a1c139d82c25d21b10e47a4a983747a17
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
db889a3046c1c11fe0ce10d282b64cf8a34d93a792189623ad6bd2baaa1f66ec
dcfd69627d561d95783543e41c60ce8e0ab36ff46aaf432f539b82daa799c405
de05e57cd7f99c2384cd286f4d885dfa4e18dab3ba02c2b1ad2aa4419bd9d418
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dece9f8cf1ecdeeedfc42944633b716cb39eef216ac1b7dabce877543e6f7c12
def2c5aeddc2cce637bbc11539332e0b332c2535dc871e0b72b25d51c3475dac
e0841beb473b9cdb1b46423472c8e0a80abc8ab37814cb0e67c63f15f900651b
e0c22c3a0050e50b95afee5c0dc7785e864d2500f1685aff40d200ab3f91df05
e1ca3842b78cf3a51bc590016a670c93e44be67511f8e26054694510799f50b0
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e649774b3f57606130ff4fb9d164501c7a2353a64104b206caa61fab58b9f98d
e718807e587606f521d1894b29c1643cc25743c5630ef7cb1eab7992989d7b50
e86ab4fac9accc234ae70623db5262c0fecb8353f8e0135018139d6cbafbdd8a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f424ba5f7f1c2cd46aaf884a93b700e817418b088c780a3579ccdf4f4f0b40d8
f725b1589eaf6b1f9cb3c0587ce4dd1b743bd95cfdb68e6443d543bfc3000a20
fe8998c04cc2bb65792b2b05c200358f8f07efcd0c3678d407cfacd2d94f3356
ff986ae6228fde43d5b830dab0d57c0da53cfee27f9acb6c23f990d97666eaf4

gua.media Open in urlscan Pro 54.241.229.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

149 Requests

99 %HTTPS

57 %IPv6

23 Domains

37 Subdomains

36 IPs

3 Countries

8916 kBTransfer

16534 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gua.media Open in urlscan Pro
54.241.229.83 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

99 %
HTTPS

57 %
IPv6

23
Domains

37
Subdomains

36
IPs

3
Countries

8916 kB
Transfer

16534 kB
Size

8
Cookies

149 HTTP transactions
5 data transactions