Submitted URL: http://officialrostam.com/
Effective URL: https://officialrostam.com/
Submission: On October 02 via api from US — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 19 domains to perform 111 HTTP transactions. The main IP is 166.62.73.162, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is officialrostam.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 18th 2022. Valid for: a year.
This is the only time officialrostam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 166.62.73.162 26496 (AS-26496-...)
3 2a05:d014:275... 16509 (AMAZON-02)
15 2400:52e0:1e0... 200325 (BUNNYCDN)
17 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 151.101.66.49 54113 (FASTLY)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2600:9000:214... 16509 (AMAZON-02)
1 99.86.4.50 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 23.36.163.138 20940 (AKAMAI-ASN1)
2 2600:9000:205... 16509 (AMAZON-02)
2 44.239.255.239 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 35.168.71.120 14618 (AMAZON-AES)
111 27
Apex Domain
Subdomains
Transfer
18 officialrostam.com
officialrostam.com
730 KB
17 youtube.com
www.youtube.com — Cisco Umbrella Rank: 95
2 MB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
150 KB
10 optmnstr.com
a.optmnstr.com — Cisco Umbrella Rank: 19652
66 KB
9 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 275
fonts.googleapis.com — Cisco Umbrella Rank: 41
62 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
static.doubleclick.net — Cisco Umbrella Rank: 342
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
2 KB
6 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 4599
api.omappapi.com — Cisco Umbrella Rank: 4724
85 KB
5 seated.com
widget.seated.com — Cisco Umbrella Rank: 108628
cdn.seated.com — Cisco Umbrella Rank: 136444
38 KB
4 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3245
rp.liadm.com — Cisco Umbrella Rank: 1590
rp4.liadm.com — Cisco Umbrella Rank: 7339
i.liadm.com Failed
18 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
252 B
4 aegpresents.com
tracking.aegpresents.com — Cisco Umbrella Rank: 74408
b.aegpresents.com — Cisco Umbrella Rank: 72188
79 KB
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 947
97 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
195 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
28 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
20 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 118
54 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 228
6 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6301
501 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
132 KB
111 19
Domain Requested by
18 officialrostam.com 1 redirects officialrostam.com
17 www.youtube.com officialrostam.com
www.youtube.com
10 a.optmnstr.com officialrostam.com
a.optmnstr.com
8 jnn-pa.googleapis.com www.youtube.com
8 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
5 a.omappapi.com a.optmnstr.com
officialrostam.com
4 www.facebook.com officialrostam.com
4 www.gstatic.com www.youtube.com
www.gstatic.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 analytics.tiktok.com officialrostam.com
analytics.tiktok.com
3 connect.facebook.net officialrostam.com
connect.facebook.net
3 www.google.com www.youtube.com
officialrostam.com
3 widget.seated.com officialrostam.com
widget.seated.com
2 b.aegpresents.com tracking.aegpresents.com
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 tracking.aegpresents.com officialrostam.com
2 www.google-analytics.com officialrostam.com
www.google-analytics.com
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 cdn.seated.com widget.seated.com
1 rp4.liadm.com
1 rp.liadm.com 1 redirects
1 fonts.googleapis.com a.omappapi.com
1 www.google.de officialrostam.com
1 www.googletagmanager.com tracking.aegpresents.com
1 stats.g.doubleclick.net www.google-analytics.com
1 api.omappapi.com a.optmnstr.com
0 i.liadm.com Failed b-code.liadm.com
111 29
Subject Issuer Validity Valid
officialrostam.com
Go Daddy Secure Certificate Authority - G2
2022-02-18 -
2023-03-22
a year crt.sh
widget.seated.com
R3
2022-09-15 -
2022-12-14
3 months crt.sh
a.optmnstr.com
R3
2022-09-04 -
2022-12-03
3 months crt.sh
*.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
cdn.seated.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-28 -
2023-10-30
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
www.google.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-07-11 -
2022-10-09
3 months crt.sh
tracking.aegpresents.com
Amazon
2022-05-25 -
2023-06-23
a year crt.sh
a.omappapi.com
R3
2022-09-04 -
2022-12-03
3 months crt.sh
api.opmnstr.com
Amazon
2022-02-09 -
2023-03-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
www.google.de
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-13 -
2023-01-13
a year crt.sh
*.liadm.com
Amazon
2022-01-31 -
2023-03-01
a year crt.sh

This page contains 4 frames:

Primary Page: https://officialrostam.com/
Frame ID: 797F0FE56C1CEF7A89BCD8AA5EA8ECF4
Requests: 64 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DW-_NldiM9I
Frame ID: A353154C45F02AD181CD113FEDEB945F
Requests: 21 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DW-_NldiM9I
Frame ID: 98AB16496D715D8D7642089D76FEAA75
Requests: 21 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: C402C9E135F44D2B4AC77EBAD1BDDDFD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Rostam - The New Album Changephobia Out June 4thFacebookTwitterYoutubeInstagramTumblrPage 1

Page URL History Show full URLs

  1. http://officialrostam.com/ HTTP 301
    https://officialrostam.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

111
Requests

95 %
HTTPS

78 %
IPv6

19
Domains

29
Subdomains

27
IPs

5
Countries

3356 kB
Transfer

9272 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://officialrostam.com/ HTTP 301
    https://officialrostam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 106
  • https://rp.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIFRoZSBOZXcgQWxidW0gQ2hhbmdlcGhvYmlhIE91dCBKdW5lIDR0aDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJvc3RhbSBfIHByb2R1Y2VyICsgc2luZ2VyLiB1IG1heSBrbm93IG1lIGZyb20gc29uZ3Mgd2l0aCBWYW1waXJlIFdlZWtlbmQsIEhhaW0sIENsYWlybywgRGlzY292ZXJ5LCBIYW1pbHRvbiBMZWl0aGF1c2VyIj4 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIFRoZSBOZXcgQWxidW0gQ2hhbmdlcGhvYmlhIE91dCBKdW5lIDR0aDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJvc3RhbSBfIHByb2R1Y2VyICsgc2luZ2VyLiB1IG1heSBrbm93IG1lIGZyb20gc29uZ3Mgd2l0aCBWYW1waXJlIFdlZWtlbmQsIEhhaW0sIENsYWlybywgRGlzY292ZXJ5LCBIYW1pbHRvbiBMZWl0aGF1c2VyIj4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
officialrostam.com/
Redirect Chain
  • http://officialrostam.com/
  • https://officialrostam.com/
37 KB
12 KB
Document
General
Full URL
https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache / Craft CMS
Resource Hash
6f75aa6ec563f13bb977daf8d244acc143876f18fcc43f01e75509e935622010

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
charset
utf-8
content-encoding
br
content-length
12313
content-type
text/html; charset=utf-8
date
Sun, 02 Oct 2022 14:40:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
Craft CMS

Redirect headers

Connection
Keep-Alive
Content-Length
235
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 02 Oct 2022 14:40:23 GMT
Keep-Alive
timeout=5
Location
https://officialrostam.com/
Server
Apache
all.min.css
officialrostam.com/dist/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://officialrostam.com/dist/css/all.min.css?v=555
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
f11f319f1549dcb9050fa167b07121caf08a20bf8cd3f8235a2742ddfb79a550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:23 GMT
content-encoding
br
last-modified
Tue, 02 Mar 2021 19:16:04 GMT
server
Apache
etag
"4a62327-37fa-5bc9290d22c05-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2982
flag-right.svg
officialrostam.com/dist/images/
1 KB
503 B
Image
General
Full URL
https://officialrostam.com/dist/images/flag-right.svg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
81f2b6e2ede264f2133791556b890cf10d734b83a4e500aecc0d24c28d1253f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:23 GMT
content-encoding
br
last-modified
Wed, 12 Sep 2018 11:02:07 GMT
server
Apache
etag
"4a62330-40c-575aa856f0de4-br"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
405
flag-left.svg
officialrostam.com/dist/images/
1 KB
492 B
Image
General
Full URL
https://officialrostam.com/dist/images/flag-left.svg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
93d0f4963fc723bcfac5a89849ed2469aad27e6b150d77148fe2e80880ec9ebd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:23 GMT
content-encoding
br
last-modified
Wed, 12 Sep 2018 11:02:07 GMT
server
Apache
etag
"4a6232f-422-575aa856e5263-br"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
434
changephobia.jpg
officialrostam.com/dist/images/
80 KB
81 KB
Image
General
Full URL
https://officialrostam.com/dist/images/changephobia.jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
8fd1ef61bbb729cfc82c83b871403192889eb36c7fe3a984be4f8f6b3ada731a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:23 GMT
last-modified
Fri, 04 Jun 2021 09:14:28 GMT
server
Apache
accept-ranges
bytes
etag
"4a63895-141ad-5c3ed1e65d9a4"
content-length
82349
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(black).jpg
officialrostam.com/dist/images/
24 KB
24 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(black).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
5a72b81238de491fed35aa9b4e84f6bebd0b8d56d8b4d3ad8cd248b460cdeb6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:17:39 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bf9-5f55-5c3ed29c6e173"
content-length
24405
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(Crystal%20Clear).jpg
officialrostam.com/dist/images/
21 KB
21 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(Crystal%20Clear).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
ab9d2eb2b96f1c782f8950774a4f08c5cd42f0c47aabf8cd7688a02f0be09351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:19:22 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bfa-5377-5c3ed2fec3dfd"
content-length
21367
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(Opaque%20Yellow).jpg
officialrostam.com/dist/images/
23 KB
23 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(Opaque%20Yellow).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
1bbbd756860a0ae5318221030589d74edc472ca11ff8bb189261831e1c0558b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:21:04 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bfb-5b76-5c3ed360aeb90"
content-length
23414
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(Opaque%20Violet).jpg
officialrostam.com/dist/images/
23 KB
23 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(Opaque%20Violet).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
a0a4bf05bc5c763fd9fc1e2bc0c62cb71f9017bbfad884a7ad414fe50e5b0057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:25:01 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bfc-5aa2-5c3ed442169f1"
content-length
23202
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(Metallic%20Silver).jpg
officialrostam.com/dist/images/
21 KB
21 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(Metallic%20Silver).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
af4631b10e348ebfb10dbe414d2b25ee5fb9323ae047052580b1ba525a8d665f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:25:46 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bfd-5328-5c3ed46d54e29"
content-length
21288
content-type
image/jpeg
Changephobia%20Vinyl%20mockup%20(Coke%20Bottle).jpg
officialrostam.com/dist/images/
22 KB
22 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobia%20Vinyl%20mockup%20(Coke%20Bottle).jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
619ad49366d57734f21bf5eb23a55bf9681f3974ee2b803d59027b9b692227dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Fri, 04 Jun 2021 09:26:35 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bfe-562b-5c3ed49bb856b"
content-length
22059
content-type
image/jpeg
Sports%20Bra%20with%20background.jpg
officialrostam.com/dist/images/
252 KB
253 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Sports%20Bra%20with%20background.jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
b978c8df6dc42edbbad10e3a4a48218ac5e5cd51166cabca310f1bf2df437fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Sat, 05 Jun 2021 12:06:39 GMT
server
Apache
accept-ranges
bytes
etag
"4a62bf6-3ee23-5c403a40b6974"
content-length
257571
content-type
image/jpeg
Changephobiacassettemockupwithtape_clear_1000x.jpg
officialrostam.com/dist/images/
160 KB
161 KB
Image
General
Full URL
https://officialrostam.com/dist/images/Changephobiacassettemockupwithtape_clear_1000x.jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
14ccf0ced2f6615fec7aedc1fdee71f12eb09836c0d15454474dc9d6b3712961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Tue, 02 Mar 2021 16:22:34 GMT
server
Apache
accept-ranges
bytes
etag
"4a637a7-27f0e-5bc90245a118e"
content-length
163598
content-type
image/jpeg
ChangephobiaLS_1_1000x-1.jpg
officialrostam.com/dist/images/
48 KB
49 KB
Image
General
Full URL
https://officialrostam.com/dist/images/ChangephobiaLS_1_1000x-1.jpg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
4cb6281763159b32fbd4c71f541f56696171898ed68d55017527c8744750340e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
last-modified
Tue, 02 Mar 2021 16:22:21 GMT
server
Apache
accept-ranges
bytes
etag
"4a63899-c09f-5bc9023946b07"
content-length
49311
content-type
image/jpeg
app.js
widget.seated.com/
2 KB
1 KB
Script
General
Full URL
https://widget.seated.com/app.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:ec0d:12e2:df27:aa60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
ff9a1e3e286ae70a1754e4bb40685492d7143e53cc1f2b26d57f5e9c45198e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nf-request-id
01GECJ86XV01JY3QS0KC9KNAVB
date
Sat, 01 Oct 2022 17:26:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
Netlify
age
76454
etag
"a70f41e06f423ed7942dcc737c70b0ef-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
content-length
910
rostam-logo.svg
officialrostam.com/dist/images/
5 KB
2 KB
Image
General
Full URL
https://officialrostam.com/dist/images/rostam-logo.svg
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
f5ddbf2d39dc3c17957b24096e2b44f3376228dca54852d0d44b8bb174eb5e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
br
last-modified
Wed, 14 Oct 2020 12:44:21 GMT
server
Apache
etag
"4a60715-15a0-5b1a0e3f739a9-br"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
2286
app.bundle.js
officialrostam.com/dist/js/
2 KB
1 KB
Script
General
Full URL
https://officialrostam.com/dist/js/app.bundle.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
77bae5cc89c56392d8d209e860ee1d20a1518eae6e66c3d58b6cd58eaa387242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:23 GMT
content-encoding
br
last-modified
Thu, 21 Sep 2017 21:42:29 GMT
server
Apache
etag
"49810ec-961-559b9f816e8ba-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
985
api.min.js
a.optmnstr.com/app/js/
130 KB
41 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/api.min.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
51843919396cc1dca86350d4c2f510319eade39d98009a6c286be653863a6431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
AYNH67JQYSWB7DKC
cdn-cachedat
09/30/2022 17:27:51
cdn-pullzone
293267
x-amz-id-2
tYKsbK70+czHDig3SKsGfyiQS2klHNPRBqNuf3o8Di8bWUG7WxbbGqIleTmxBdosRINNcYpuUeM=
last-modified
Fri, 30 Sep 2022 17:27:42 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"4f0000c188b7c8456bd4b237217f603d"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
700c2ff5f9499b2f4eca3b1f5ef7c9f0
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
DW-_NldiM9I
www.youtube.com/embed/ Frame A353
68 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/DW-_NldiM9I
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f2afa99e99cc6ac02f8b73906a18515f1a805567b9740180f17e03a32d8cb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://officialrostam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 02 Oct 2022 14:40:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
widget.js
widget.seated.com/
118 KB
35 KB
Script
General
Full URL
https://widget.seated.com/widget.js
Requested by
Host: widget.seated.com
URL: https://widget.seated.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:ec0d:12e2:df27:aa60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
73c6e87b5c09c75f090c069f0d84fb0044ea3c66b9f96c9f3bd9b1355f37e888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nf-request-id
01GECJ86ZQVXHTZ3EYDRBHPJ68
date
Sat, 01 Oct 2022 17:26:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
Netlify
age
76455
etag
"b7926d2f4df70a536e979d2ca91a0019-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
content-length
35553
FuturaPT-Book.woff2
officialrostam.com/dist/fonts/
32 KB
32 KB
Font
General
Full URL
https://officialrostam.com/dist/fonts/FuturaPT-Book.woff2
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/dist/css/all.min.css?v=555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.73.162 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
162.73.62.166.host.secureserver.net
Software
Apache /
Resource Hash
ecb36fe21cfde0bb0037a4fdf8588706a30031ceba1ed1840a364f2b2bce5d80

Request headers

Referer
https://officialrostam.com/dist/css/all.min.css?v=555
Origin
https://officialrostam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
br
last-modified
Wed, 14 Oct 2020 12:44:57 GMT
server
Apache
etag
"4981182-7fd0-5b1a0e62850e0-br"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
content-length
32717
www-player.css
www.youtube.com/s/player/a336babc/ Frame A353
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/a336babc/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49958
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A353
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
444139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A353
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
416436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 18:59:48 GMT
www-embed-player.js
www.youtube.com/s/player/a336babc/www-embed-player.vflset/ Frame A353
305 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97177
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
base.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame A353
2 MB
579 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6327e533ee835df219dd29376468437c6f5f5c37e07a59d1c0bb49efabc35d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592521
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
fetch-polyfill.js
www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/ Frame A353
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
92050108-2cfb-45a1-be6c-28b491d58344
cdn.seated.com/api/tour/ Frame
0
0
Preflight
General
Full URL
https://cdn.seated.com/api/tour/92050108-2cfb-45a1-be6c-28b491d58344?include=tour-events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client-version
Access-Control-Request-Method
GET
Origin
https://officialrostam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-Token,X-Client-Version
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
date
Sun, 02 Oct 2022 14:40:24 GMT
server
Cowboy
strict-transport-security
max-age=31536000
via
1.1 vegur, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-request-id
b397707f-6513-45ac-af6b-2726c7f9734a
x-served-by
cache-lga21942-LGA, cache-hhn4023-HHN
x-timer
S1664721624.201914,VS0,VE93
app-v2.css
widget.seated.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://widget.seated.com/app-v2.css
Requested by
Host: widget.seated.com
URL: https://widget.seated.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:ec0d:12e2:df27:aa60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
605cbe6ca432832b7cf1973a10c9b3147e1a34561698358a95dd0b7588ee4296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-nf-request-id
01GECJ8726MDT4RM0Y3D0VGY8Y
date
Sat, 01 Oct 2022 17:26:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
76415
etag
"a73fcbaa0f08ea60e4bdc18edc0a51d1-ssl"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
1006
92050108-2cfb-45a1-be6c-28b491d58344
cdn.seated.com/api/tour/
360 B
526 B
Fetch
General
Full URL
https://cdn.seated.com/api/tour/92050108-2cfb-45a1-be6c-28b491d58344?include=tour-events
Requested by
Host: widget.seated.com
URL: https://widget.seated.com/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
950e8cccfa5379bba744eac23b9071779298371f08e24c4f4dab1aac639a9e2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://officialrostam.com/
X-Client-Version
b6c986da9ea13d67da41517f3adcda6c7278a3bf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 vegur, 1.1 varnish, 1.1 varnish
date
Sun, 02 Oct 2022 14:40:24 GMT
age
0
x-cache
MISS, MISS
content-length
360
x-request-id
4c862fa1-03df-4d8c-a741-11e75c55d885
x-served-by
cache-lga13625-LGA, cache-hhn4023-HHN
server
Cowboy
x-timer
S1664721624.319900,VS0,VE111
content-type
application/vnd.api+json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
id
googleads.g.doubleclick.net/pagead/ Frame A353
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
609ea785d35d1daff787e72b585f5250c6007057818b77b1619787d318fff6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 02 Oct 2022 14:40:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A353
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:39:54 GMT
x-content-type-options
nosniff
age
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Oct 2022 14:54:54 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 02 Oct 2022 14:40:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A353
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7499b89d3beae3f7252cd17cb34a158c8203746e7bf615984b552ce8f1c77dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30663
x-xss-protection
0
remote.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame A353
118 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
094f668634220dfd33241ddafa1331cc260a6f56266910c4a1250794666132e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:57:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
258199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37169
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:57:05 GMT
NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
www.google.com/js/th/ Frame A353
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3407536ab7f00669953768cef7f6436576d6d89a1b7572b5a59274f6b0b605cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 12:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
6839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14149
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 12:46:25 GMT
embed.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame A353
25 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcb101643feea0516c0197ceb767e07ac38f328dd84871fbc748a5bc0fdc7895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8110
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
truncated
/ Frame A353
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_yRf_y0zuUwI8usmKH79xUCug2VXdJCaK-OQhI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A353
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_yRf_y0zuUwI8usmKH79xUCug2VXdJCaK-OQhI=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
172e879975c17085fd085f13b91794adc34b6ad84c60aba06b89e10d811ec5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3006
x-xss-protection
0
server
fife
etag
"v6d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 28 Sep 2022 22:53:05 GMT
sddefault.webp
i.ytimg.com/vi_webp/DW-_NldiM9I/ Frame A353
17 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/DW-_NldiM9I/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c32bf74f46b32a01f872d18acc684e43ff877d055aee693779a3eb9042018ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17610
x-xss-protection
0
server
sffe
etag
"1620091351"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 02 Oct 2022 16:40:24 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A353
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 14:40:24 GMT
generate_204
www.youtube.com/ Frame A353
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?Q-e28w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/106/ Frame A353
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/106/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 22:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:10:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 02 Oct 2022 22:55:27 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A353
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15ff5659cab8fc98265e2c7a61f5536f34628ce02aba7339796171690edffe4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 02 Oct 2022 14:40:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 13:01:59 GMT
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
5905
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Sun, 02 Oct 2022 15:01:59 GMT
fbevents.js
connect.facebook.net/en_US/
101 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Oct 2022 14:40:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
S8P8OYRS1GlkUbuM9ZdYYOeIGV1p+uSx8xvopl6d/S6R+d+97dGtMcmDlaVWXDDx4rLL6yEHC3I84iI5HNSyEQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
universalpixel.js
tracking.aegpresents.com/universalpixel/
353 B
721 B
Script
General
Full URL
https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1664755200000
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7600:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 18:04:46 GMT
x-amz-version-id
yzC2d5nyWhAWpaIfBFOzFwofkVYfpPI6
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified
Thu, 25 Oct 2018 06:36:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
74139
etag
"43b149699f79e5268943f6db2d7e2edb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
353
x-amz-cf-id
Iz-LrnVoXOiu_3R7PQkYtyg2Ux_VoW3yLcXhKdaWq9TEm5WZb02Bcw==
api.min.css
a.omappapi.com/app/js/
18 KB
3 KB
Stylesheet
General
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
MISS
x-amz-request-id
AYNKXRTMFXEX8MV3
cdn-cachedat
09/30/2022 17:27:51
cdn-pullzone
293267
x-amz-id-2
ekcqi0dFqQM1/ZLi/N274FKXMHaZWpKM09CMTS3Uqb0WptOBxpCdU610u7o8s24ni8gXIahArBw=
last-modified
Fri, 30 Sep 2022 17:27:42 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"fdfc47d7f4872c3530f2516e9f42a6ed"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
ec3334582303fb41b265a9088f0ec13b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
44385
api.omappapi.com/v2/embed/
3 KB
2 KB
XHR
General
Full URL
https://api.omappapi.com/v2/embed/44385?d=officialrostam.com
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
8e0e9a1bafe741fefd5367e4d0ba8f6e94f115ced0d606e2f26fa7c25bca6a1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:16 GMT
content-encoding
gzip
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-cache-config
0 0
x-amz-cf-pop
FRA6-C1
x-cache-status
HIT
x-cache
Miss from cloudfront
x-optinmonster-account
50361
x-user-agent
standard--
last-modified
Wed, 14 Oct 2020 18:23:35 GMT
server
Pagely Gateway/1.5.1
etag
W/"13619587facc71bbac2118af01a478bb"
vary
Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
x-amz-cf-id
cl-uHNNv-ChDWoC7v0XqCM3iCsCa9C57qr3PJvbQjFVZFZCd7Z-YMw==
expires
Sun, 02 Oct 2022 14:11:20 GMT
atr
www.youtube.com/api/stats/ Frame A353
0
0

DW-_NldiM9I
www.youtube.com/embed/ Frame 98AB
67 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/DW-_NldiM9I
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/dist/js/app.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4157df287d2c2a151cd6b706c702b0030cb35bcf38ea38ccf37f8e82c631bcfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://officialrostam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sun, 02 Oct 2022 14:40:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1752395377&t=pageview&_s=1&dl=https%3A%2F%2Fofficialrostam.com%2F&ul=en-us&de=UTF-8&dt=Rostam%20-%20The%20New%20Album%20Changephobia%20Out%20June%204th&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1209500414&gjid=1654290053&cid=7708052.1664721625&tid=UA-102870818-1&_gid=1360958038.1664721625&_r=1&_slc=1&z=1130616673
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://officialrostam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://officialrostam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
459580645400713
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/459580645400713?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9beac5711042da3daf3d793faa626e1f8f59663a284341adb9a32c8e872354
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 02 Oct 2022 14:40:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qTmyjqzR9zUCPbxR1xT+2NoWGkQSRQNmegDp+MuEGivMEwyGnSi2B8+ZYLn9C5O2hHMqxsoamXBnaZKyuN8sgw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-102870818-1&cid=7708052.1664721625&jid=1209500414&gjid=1654290053&_gid=1360958038.1664721625&_u=IEBAAEAAAAAAAC~&z=1257379008
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://officialrostam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://officialrostam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/a336babc/ Frame 98AB
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/a336babc/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49958
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
www-embed-player.js
www.youtube.com/s/player/a336babc/www-embed-player.vflset/ Frame 98AB
305 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97177
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
base.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame 98AB
2 MB
579 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6327e533ee835df219dd29376468437c6f5f5c37e07a59d1c0bb49efabc35d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592521
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
fetch-polyfill.js
www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/ Frame 98AB
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98AB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
444140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 98AB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
416437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 18:59:48 GMT
gtm.js
www.googletagmanager.com/
575 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Requested by
Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/universalpixel/universalpixel.js?t=1664755200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6dc4e89d4edbdb9eefd011410d7506e343a9caa6b2db254bc7f2e15f1a7e5795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134712
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 02 Oct 2022 14:40:25 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-102870818-1&cid=7708052.1664721625&jid=1209500414&_u=IEBAAEAAAAAAAC~&z=1132278742
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-102870818-1&cid=7708052.1664721625&jid=1209500414&_u=IEBAAEAAAAAAAC~&z=1132278742
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=459580645400713&ev=PageView&dl=https%3A%2F%2Fofficialrostam.com%2F&rl=&if=false&ts=1664721625170&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664721625168.384769462&it=1664721624971&coo=false&rqm=GET
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 14:40:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/
16 KB
7 KB
Script
General
Full URL
https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
HIT
cdn-storageserver
DE-199
cdn-cachedat
09/28/2022 16:04:52
cdn-pullzone
293267
last-modified
Fri, 05 Aug 2022 15:30:54 GMT
server
BunnyCDN-AMS-879
cdn-fileserver
419
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"62ed37ae-40cb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
730a118f8cb3baa609654968d0d7155a
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
8.f3bca198.min.js
a.optmnstr.com/app/js/
25 KB
8 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/8.f3bca198.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
b0c6a4fa6370d74665cc2541281eff7fdd171962c7abd1f956e4494e753c5867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGVESP74YZA6EHD
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
cJWmxu2uM4rmo2O5clO+st2OQ76/TGexgSOK3XYcBUzn93SsgEnHIGi5y5pxYsf088WEAq/7wiI=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"e1103f16738717c74ea6e0b9e19c8a90"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a0caec4823ed1cd8e0af890d257159b3
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.cfa23dcd.min.js
a.optmnstr.com/app/js/
7 KB
3 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/0.cfa23dcd.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
c151f184fa529a7c5a7e9568542b3d2c68fcafe1ae2a534666297f59ab2972f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
MISS
x-amz-request-id
GCGJ6NN1DZVH73PM
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
1+TZJV4EFWCZA8PArfAnIk/M9MjFA67DdELkeovQI8grx9jqtjvJkafQNSj4w6xoDsJMvvtCaHo=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"31d4045f9f19a34fe932150efc95266c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
408b114af12253ce93259103bbf4762d
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
7.b21e555c.min.js
a.optmnstr.com/app/js/
2 KB
2 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/7.b21e555c.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
XB8AYWPRGN6D5C8M
cdn-cachedat
09/28/2022 16:11:06
cdn-pullzone
293267
x-amz-id-2
ygrKpF7P2aa5Cfv3Ewz6Wr1r/AlUtqF03m3tYsogBHf8b7aZgIwRtwhTDbRWlOHX1twOVJRgNWY=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"f106dbaddab04739d62aef7e414b7602"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b40ba2ac35e9f4d91b322d872cc74ba0
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
9.1f5c2736.min.js
a.optmnstr.com/app/js/
2 KB
2 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/9.1f5c2736.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
fc4753ea69f2c58c0c9ac253d2ce4dfa872ff4337b42be14dcf4b2f77ed97d02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
MISS
x-amz-request-id
GCGJ72YVGBCMP8H9
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
gl7wJz55xMKLPf9Spt4raGMEuluu3oaKxuzYkXVU80/eQTAoBIYCNiv84f+lTKF9jFZzky7Juzc=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"9781b6c486c6d676587203a4e20c426e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
a28fed7c32928084335cb3ecdcc4af6e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
18.83980738.min.js
a.optmnstr.com/app/js/
3 KB
2 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/18.83980738.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
0569d9cfa3c0c8bb573b0d931d3ccf18fccbf15f18876ab93b384737fd227d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGYZ743BY3BZG15
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
1G1Y55wYamPDLg38HYRwlCkQmbFc4HQIZ10uCab6D3hOCyqn0J15qCO+7O+7ELnHHzbJmiADkQk=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"2321be21cff17146107e744e546a1ea4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
851602bb61fe2173018b709a2c3149d8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
17.a750669e.min.js
a.optmnstr.com/app/js/
1 KB
1 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/17.a750669e.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
78cf7a5e5085740aee10b64344005a582eff61ca5f6861cc5790344580995b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGS1TV5ZZHYMKV6
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
9/VngrH1o5rcTjlR256lAUmDE0ghyuJhNOPyg1TgvAgfDl7bS1k8729cVrxCit6TzRpXfFK4Lhs=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"1249f6fc2d693058630db3b242ce1175"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
aca3a363169156751790d495a5a197e9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
12.186194b2.min.js
a.optmnstr.com/app/js/
856 B
1 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/12.186194b2.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
0460c2d46b7e010fa01e3a9d966baf7937e31fc59d2368b4bf86c5977101d9f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGHGPPAJASP4ADZ
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
hPPo/Gq0ZWw0xVyWcMemj0v1JrmHj+ZbLLboanilI9q2bIx6pKMFo6kxMgHqk+pRLUSB+JYsEYk=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"fbc5da4e5618bbd209895a30a6f66c21"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
f1f221729253bfe1fadee5999a6747d7
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
1.b46b7a9c.min.js
a.optmnstr.com/app/js/
11 KB
4 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/1.b46b7a9c.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
7cfcdf4ec5c1cfa7938d703299c2e55a4dd3622d7f1b8bfeb39248b3cd5add0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGZ5N5D74JKV11J
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
vZ8b3VxJX4x2WrT/5R3ih5sgNaIEo12vSLZVlkFxI5fPV4y1HHEV8OF3MCT60HOPjSLQ0nUVO9g=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"eea5a382e457f40684356a72ee37fe1f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
b7e2b5676704a31fe0d10c838d22a01c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
14.f3eb4bc4.min.js
a.optmnstr.com/app/js/
2 KB
2 KB
Script
General
Full URL
https://a.optmnstr.com/app/js/14.f3eb4bc4.min.js
Requested by
Host: a.optmnstr.com
URL: https://a.optmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
c2ef0710105f38bc6c2f2c5409cfc9d72182fbc10628ef7a25629674539f45dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
MISS
x-amz-request-id
GCGQJGTNDJYHWAV1
cdn-cachedat
09/28/2022 16:11:05
cdn-pullzone
293267
x-amz-id-2
OX0rVizZicV00+hVQv2HccEPz+gkfFxA+lCRhUlGedLQKlq7Gt6EM8Q/oPVIgVY8XLkZ25CZTk0=
last-modified
Wed, 28 Sep 2022 16:10:55 GMT
server
BunnyCDN-AMS-879
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"f3ed68ce26f160dd8be728a94a79c209"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
8d92817cfb0f3e58143e72f3347a85f6
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
id
googleads.g.doubleclick.net/pagead/ Frame 98AB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae347eac493bf9f47aacda72d22081213c91af10d8eb6773ea36390d7d4b613e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 98AB
29 B
54 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:39:54 GMT
x-content-type-options
nosniff
age
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 02 Oct 2022 14:54:54 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 02 Oct 2022 14:40:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 98AB
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ec405dcb3bda509e2e86ae87b4e8f6cb88c1c5de5b10dfa03fbe5f1f6abefa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30792
x-xss-protection
0
remote.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame 98AB
118 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
094f668634220dfd33241ddafa1331cc260a6f56266910c4a1250794666132e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:57:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
258200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37169
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:57:05 GMT
NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
www.google.com/js/th/ Frame 98AB
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3407536ab7f00669953768cef7f6436576d6d89a1b7572b5a59274f6b0b605cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 12:46:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
6840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14149
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 15:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 02 Oct 2023 12:46:25 GMT
embed.js
www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/ Frame 98AB
25 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcb101643feea0516c0197ceb767e07ac38f328dd84871fbc748a5bc0fdc7895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 14:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
258252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8110
x-xss-protection
0
last-modified
Thu, 29 Sep 2022 00:20:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Sep 2023 14:56:13 GMT
truncated
/ Frame 98AB
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu_yRf_y0zuUwI8usmKH79xUCug2VXdJCaK-OQhI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 98AB
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu_yRf_y0zuUwI8usmKH79xUCug2VXdJCaK-OQhI=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
172e879975c17085fd085f13b91794adc34b6ad84c60aba06b89e10d811ec5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:24 GMT
x-content-type-options
nosniff
age
1
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3006
x-xss-protection
0
server
fife
etag
"v6d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 28 Sep 2022 22:53:05 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/DW-_NldiM9I/ Frame 98AB
37 KB
37 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/DW-_NldiM9I/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1cb9b9c5bf41a5cfe79628d65680a898ef5714440d927b82d80e9175125dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
x-content-type-options
nosniff
server
sffe
etag
"1620091351"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37630
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 02 Oct 2022 16:40:25 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400%7CSource+Sans+Pro:800,700,500,600,400
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5f Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8df68c26f5ff8c99e5b8a0c4b3759b5b434b785435c95f095ecda399e7d06573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 14:40:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Oct 2022 14:40:25 GMT
5475ee8182731602696614-RostamMulti-ColorLogo_Vector.png
a.omappapi.com/users/d4e9b8c8acd3/images/
28 KB
29 KB
Image
General
Full URL
https://a.omappapi.com/users/d4e9b8c8acd3/images/5475ee8182731602696614-RostamMulti-ColorLogo_Vector.png
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
8e8e0e401c2ead86f28894b8b697452e66d7c07d56beb72134b4c9638c427044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
cdn-edgestorageid
883
perma-cache
HIT
cdn-storageserver
DE-168
cdn-cachedat
09/28/2022 16:16:01
cdn-pullzone
293267
content-length
28546
last-modified
Thu, 27 May 2021 18:24:58 GMT
server
BunnyCDN-AMS-879
cdn-fileserver
102
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"60afe3fa-6f82"
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
20b9702cd6b16eecfbd10785fd354cd7
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
c7096ca2801a1602698755-Rostam-Unfold-You-Optin-Header.png
a.omappapi.com/users/d4e9b8c8acd3/images/
13 KB
14 KB
Image
General
Full URL
https://a.omappapi.com/users/d4e9b8c8acd3/images/c7096ca2801a1602698755-Rostam-Unfold-You-Optin-Header.png
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
45332061ebb149a786b7b67f72cb4d5473f9d7acf502e4bad5fd9ff60d9fc759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
cdn-edgestorageid
879
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
10/01/2022 18:32:34
cdn-pullzone
293267
content-length
13692
last-modified
Thu, 27 May 2021 18:24:59 GMT
server
BunnyCDN-AMS-879
cdn-fileserver
102
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"60afe3fb-357c"
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
7b4a086dc7838b2672e5fb24940236c4
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2ffc1e25a89b1602698227-GET-EARLY-ACCESS-TO-NEW-MUSIC-TICKETS-AND-MORE.png
a.omappapi.com/users/d4e9b8c8acd3/images/
29 KB
30 KB
Image
General
Full URL
https://a.omappapi.com/users/d4e9b8c8acd3/images/2ffc1e25a89b1602698227-GET-EARLY-ACCESS-TO-NEW-MUSIC-TICKETS-AND-MORE.png
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::879:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-879 /
Resource Hash
04a8a5416c5d62212f94178ae9dd154780bf5489245a1edd3743f955e1e5b680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
cdn-edgestorageid
883
perma-cache
HIT
cdn-storageserver
DE-51
cdn-cachedat
09/28/2022 16:16:01
cdn-pullzone
293267
content-length
30040
last-modified
Thu, 27 May 2021 18:24:59 GMT
server
BunnyCDN-AMS-879
cdn-fileserver
100
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
"60afe3fb-7558"
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
0002bb7871c8e33985815151f6010df2
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
217011611820041
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/217011611820041?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a3bcd2e6d4a3d65d125c95a21f7297769617cfc1f3ad7cbb023fb02a3df06fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 02 Oct 2022 14:40:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86184
x-fb-rlafr
0
x-xss-protection
0
pragma
private
x-fb-debug
z/vLlqpdTZwRXYPBxYystPIFlEo8GXGM4BUpVZ+ZM+VQoi553pbZTbxG2PswdzJ2n0NqylHdopRCLJquqoHK4w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
private
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/
3 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42d627261d569e19b16b55d2549439124c5a0e24c74d26a0c9d9daada4e63a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id
316e1b63
date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=95
content-length
1182
pragma
no-cache
server
nginx
x-tt-logid
20221002144025FFD558C7A1D63904FDC0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
95,23.36.161.138
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc7310ecac05f51c7d73b5fda75fba33e27d961a94a9790a27c68e7064c1c4c59f627a04765b99e2b36a83dc60480a42f7f4fcd44f73495b72f47410eb75911f511a0
expires
Sun, 02 Oct 2022 14:40:25 GMT
a-08c7.min.js
b-code.liadm.com/
28 KB
11 KB
Script
General
Full URL
https://b-code.liadm.com/a-08c7.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9NK8HW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e68d6e042bb46e2a4d478b27daf67bf3e3f7033b252fc5f147236a7b4115dec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 17:57:49 GMT
content-encoding
gzip
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
74556
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-id
PgAw1bkHIHZD4atWKMkcxyyrzNsnNsYs9yhOBOoUfY7_KgYrrmzWZQ==
sp_2_16_3.js
tracking.aegpresents.com/
77 KB
78 KB
Script
General
Full URL
https://tracking.aegpresents.com/sp_2_16_3.js
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:7600:11:65f0:c080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
S0PSeETRZEGlDS2kDiQQw_ui5Gf9x1Hi
date
Sat, 01 Oct 2022 19:37:49 GMT
via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
last-modified
Mon, 23 Nov 2020 19:35:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
68557
etag
"061218953601a45264b449ad25f296c7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
78920
x-amz-cf-id
zjLqcjaxcnE-mxfk-b0LHNU5s226b1f1Jtme3kGCH1zQG7dvaV4E_A==
generate_204
www.youtube.com/ Frame 98AB
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?xshDWA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DW-_NldiM9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/DW-_NldiM9I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=217011611820041&ev=PageView&dl=https%3A%2F%2Fofficialrostam.com%2F&rl=&if=false&ts=1664721625495&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1664721625168.384769462&it=1664721624971&coo=false&rqm=GET
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 14:40:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 98AB
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 14:40:25 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%7CSource+Sans+Pro:800,700,500,600,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://officialrostam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 18:51:26 GMT
x-content-type-options
nosniff
age
503339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16740
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Sep 2023 18:51:26 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%7CSource+Sans+Pro:800,700,500,600,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://officialrostam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:25:00 GMT
x-content-type-options
nosniff
age
328525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:25:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%7CSource+Sans+Pro:800,700,500,600,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://officialrostam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 16:24:40 GMT
x-content-type-options
nosniff
age
425745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 16:24:40 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400%7CSource+Sans+Pro:800,700,500,600,400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://officialrostam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:24:52 GMT
x-content-type-options
nosniff
age
328533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Sep 2023 19:24:52 GMT
tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.255.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-255-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://officialrostam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://officialrostam.com
access-control-max-age
5
content-length
0
date
Sun, 02 Oct 2022 14:40:26 GMT
server
nginx
tp2
b.aegpresents.com/com.snowplowanalytics.snowplow/
2 B
322 B
XHR
General
Full URL
https://b.aegpresents.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: tracking.aegpresents.com
URL: https://tracking.aegpresents.com/sp_2_16_3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.255.239 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-255-239.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://officialrostam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://officialrostam.com
date
Sun, 02 Oct 2022 14:40:26 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
sync-container.js
b-code.liadm.com/
6 KB
6 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-08c7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:be00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 17:05:41 GMT
x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
2410485
etag
"ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
5904
x-amz-cf-id
vUCzSsVBDjCEMgmRDH9iNWRSMTBcL4p943pubT56KlK7aO3R7K-UBg==
cast_sender.js
www.gstatic.com/eureka/clank/106/ Frame 98AB
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/106/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 22:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 15:10:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 02 Oct 2022 22:55:27 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 98AB
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0058daca36e4f8d5d827a72100a77ba753e2fe4eb47bb3255d6a5bdaa06c96cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 02 Oct 2022 14:40:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
main.Mi4wLjAuNTVfMQ.js
analytics.tiktok.com/i18n/pixel/static/
336 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2T72MSAJ6IAHR393GU0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-akamai-request-id
316e1be5
date
Sun, 02 Oct 2022 14:40:25 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20220927123930BB6B437539000E0022C4
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f053d182073be71d547ade5dd50871625f5bbb9a7f4540ebd66f9973d7e4d4441e443f28f0763187f9930c1e3e39ceed6ec07874d09f3a0b78dc96f779e172ae822ad9cfc22a65630ea5aeaa89233310
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
96584
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIFR...
  • https://rp4.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIF...
13 B
551 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIFRoZSBOZXcgQWxidW0gQ2hhbmdlcGhvYmlhIE91dCBKdW5lIDR0aDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJvc3RhbSBfIHByb2R1Y2VyICsgc2luZ2VyLiB1IG1heSBrbm93IG1lIGZyb20gc29uZ3Mgd2l0aCBWYW1waXJlIFdlZWtlbmQsIEhhaW0sIENsYWlybywgRGlzY292ZXJ5LCBIYW1pbHRvbiBMZWl0aGF1c2VyIj4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true
Protocol
H2
Server
35.168.71.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-71-120.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 14:40:26 GMT
x-pixel-event-id
27a76393-c7c6-4003-85b7-a8e698b117ae
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
8
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
05a5af02ec8fc9f7
content-length
13
x-xss-protection
1; mode=block

Redirect headers

date
Sun, 02 Oct 2022 14:40:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1664721625660&aid=a-08c7&se=e30&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&tna=v2.5.0&pu=https%3A%2F%2Fofficialrostam.com%2F&wpn=lc-bundle&c=PHRpdGxlPlJvc3RhbSAtIFRoZSBOZXcgQWxidW0gQ2hhbmdlcGhvYmlhIE91dCBKdW5lIDR0aDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJvc3RhbSBfIHByb2R1Y2VyICsgc2luZ2VyLiB1IG1heSBrbm93IG1lIGZyb20gc29uZ3Mgd2l0aCBWYW1waXJlIFdlZWtlbmQsIEhhaW0sIENsYWlybywgRGlzY292ZXJ5LCBIYW1pbHRvbiBMZWl0aGF1c2VyIj4&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6Ojc%3D&n3pc=true
access-control-allow-origin
https://officialrostam.com
request-time
0
access-control-allow-credentials
true
trace-id
54993942f3745af8
content-length
0
x-xss-protection
1; mode=block
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=459580645400713&ev=Microdata&dl=https%3A%2F%2Fofficialrostam.com%2F&rl=&if=false&ts=1664721625672&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rostam%20-%20The%20New%20Album%20Changephobia%20Out%20June%204th%22%2C%22meta%3Adescription%22%3A%22Rostam%20_%20producer%20%2B%20singer.%20u%20may%20know%20me%20from%20songs%20with%20Vampire%20Weekend%2C%20Haim%2C%20Clairo%2C%20Discovery%2C%20Hamilton%20Leithauser%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Rostam%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fofficialrostam.com%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fofficialrostam.com%2Fdist%2Fimages%2FalbumSmall.jpg%22%2C%22og%3Adescription%22%3A%22Rostam%20_%20producer%20%2B%20singer.%20debut%20album%20%27Bike%20Dream%27%20out%20now.%20u%20may%20know%20me%20from%20songs%20with%20Vampire%20Weekend%2C%20Discovery%2C%20Hamilton%20Leithauser%2C%20Haim%22%2C%22og%3Asite_name%22%3A%22Rostam%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664721625168.384769462&it=1664721624971&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: officialrostam.com
URL: https://officialrostam.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 14:40:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
pixel
analytics.tiktok.com/api/v2/
0
688 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTVfMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-138.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://officialrostam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
288b4acb.316e1c3e
date
Sun, 02 Oct 2022 14:40:25 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-138.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time
112,23.36.161.138
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=28, inner; dur=17
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20221002144025166BC22E39F5CCFDD54A
x-cache-remote
TCP_MISS from a23-39-229-23.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.39.229.23
x-tt-trace-host
01176b51d7392c1fa000bd81347ecbc7313c4e0f04761349814dce7b330b92baae42b1c8d3a87daafc1981247513f69976f9d329086bf24b3f914a49559d869c6f9927b7c0bab8a41081e93e2f2022a0d0a2888158eff7ef94615e403c13bd3213
expires
Sun, 02 Oct 2022 14:40:25 GMT
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=217011611820041&ev=Microdata&dl=https%3A%2F%2Fofficialrostam.com%2F&rl=&if=false&ts=1664721625998&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rostam%20-%20The%20New%20Album%20Changephobia%20Out%20June%204th%22%2C%22meta%3Adescription%22%3A%22Rostam%20_%20producer%20%2B%20singer.%20u%20may%20know%20me%20from%20songs%20with%20Vampire%20Weekend%2C%20Haim%2C%20Clairo%2C%20Discovery%2C%20Hamilton%20Leithauser%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Rostam%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fofficialrostam.com%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fofficialrostam.com%2Fdist%2Fimages%2FalbumSmall.jpg%22%2C%22og%3Adescription%22%3A%22Rostam%20_%20producer%20%2B%20singer.%20debut%20album%20%27Bike%20Dream%27%20out%20now.%20u%20may%20know%20me%20from%20songs%20with%20Vampire%20Weekend%2C%20Discovery%2C%20Hamilton%20Leithauser%2C%20Haim%22%2C%22og%3Asite_name%22%3A%22Rostam%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1664721625168.384769462&it=1664721624971&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://officialrostam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 02 Oct 2022 14:40:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
a-08c7
i.liadm.com/s/c/ Frame C402
0
0

log_event
www.youtube.com/youtubei/v1/ Frame 98AB
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/a336babc/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-Goog-Request-Time
1664721627630
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/DW-_NldiM9I
X-YouTube-Client-Version
1.20220928.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs5U2xva1dzbVlvUSjYxeaZBg%3D%3D
X-YouTube-Ad-Signals
dt=1664721625145&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C900%2C498&vis=1&wgl=true&ca_type=image

Response headers

date
Sun, 02 Oct 2022 14:40:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 02 Oct 2022 14:40:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=ClJZi3AF4XcY8kK0&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fofficialrostam.com%2F&lact=610&cl=477567167&mos=0&volume=100&cbr=Chrome&cbrver=106.0.5249.61&c=WEB_EMBEDDED_PLAYER&cver=1.20220928.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=172&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24226335%2C24248385%2C24249174%2C24255165%2C24277989%2C24278546%2C24279628%2C24283280%2C24289901%2C24290131%2C39322399&muted=0&docid=DW-_NldiM9I
Domain
i.liadm.com
URL
https://i.liadm.com/s/c/a-08c7?s=&cim=&ps=true&ls=true&duid=10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation undefined| define object| js string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| kl object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om50361_44385 function| omq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| omntowaozwgfw9glatzcje object| WebFont object| google_tag_manager string| TiktokAnalyticsObject object| ttq object| GlobalSnowplowNamespace function| aeg object| Snowplow object| LI object| __li__evt_bus object| liQ function| _typeof2 function| __liSync object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks

19 Cookies

Domain/Path Name / Value
officialrostam.com/ Name: CraftSessionId
Value: 6ebef844d55b0f55218a69c5a4d8db27
.youtube.com/ Name: YSC
Value: a_c79jBtZEk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 9SlokWsmYoQ
officialrostam.com/ Name: _omappvp
Value: 5MIuFYQlC6ywiwmzJ1Eoim4Pj9eq9LREJxr0QbMJnjtEET8rvmSGzHFaZyXAi5GZ8czW86FmDZbEXvdSaBQd4e30X9r1N6uM
officialrostam.com/ Name: _omappvs
Value: 1664721624887
.officialrostam.com/ Name: _ga
Value: GA1.2.7708052.1664721625
.officialrostam.com/ Name: _gid
Value: GA1.2.1360958038.1664721625
.officialrostam.com/ Name: _gat
Value: 1
.officialrostam.com/ Name: _fbp
Value: fb.1.1664721625168.384769462
.officialrostam.com/ Name: _gcl_au
Value: 1.1.1173217152.1664721625
.officialrostam.com/ Name: _sp_ses.9b5a
Value: *
.officialrostam.com/ Name: _sp_id.9b5a
Value: cb0ab362-64e9-4a59-bbf9-5bfee20e8f23.1664721626.1.1664721626.1664721626.09b053d6-3c7a-4c47-944b-de30279abf02
.officialrostam.com/ Name: _li_dcdm_c
Value: .officialrostam.com
.officialrostam.com/ Name: _lc2_fpi
Value: 10f95f72ab0a--01gecj88eb9952xf7eqexjk7j9
.officialrostam.com/ Name: _tt_enable_cookie
Value: 1
.officialrostam.com/ Name: _ttp
Value: da171111-cd8c-4973-973b-411f4039a797
.liadm.com/ Name: lidid
Value: fc3ffeae-5a9a-415b-9a3e-c9ff0bf5663b
officialrostam.com/ Name: _liChk
Value: 0.8533989941003892
b.aegpresents.com/ Name: _cf
Value: a9da3aa7-5df6-4f68-b5d5-de05710de8bf

1 Console Messages

Source Level URL
Text
security warning URL: https://officialrostam.com/(Line 351)
Message:
Mixed Content: The page at 'https://officialrostam.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.fanbridge.com/signup/1.5/submit?userid=222652'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.optmnstr.com
analytics.tiktok.com
api.omappapi.com
b-code.liadm.com
b.aegpresents.com
cdn.seated.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i.ytimg.com
jnn-pa.googleapis.com
officialrostam.com
rp.liadm.com
rp4.liadm.com
static.doubleclick.net
stats.g.doubleclick.net
tracking.aegpresents.com
widget.seated.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
i.liadm.com
www.youtube.com
151.101.66.49
166.62.73.162
23.36.163.138
2400:52e0:1e01::879:1
2600:1f18:730:b120:fbde:2d4c:4293:54de
2600:9000:2057:be00:8:8845:1500:93a1
2600:9000:214f:7600:11:65f0:c080:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9d
2a00:1450:400c:c0c::5f
2a00:1450:400d:805::2001
2a00:1450:400d:805::2003
2a00:1450:400d:807::2016
2a00:1450:400d:80a::200a
2a00:1450:400d:80e::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d014:275:cb00:ec0d:12e2:df27:aa60
35.168.71.120
44.239.255.239
99.86.4.50
0058daca36e4f8d5d827a72100a77ba753e2fe4eb47bb3255d6a5bdaa06c96cb
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
015bfbbcb959c4b17e2f284dae3c5f9a43a0211e5b8831034200117e4c50e6e6
0460c2d46b7e010fa01e3a9d966baf7937e31fc59d2368b4bf86c5977101d9f3
04a8a5416c5d62212f94178ae9dd154780bf5489245a1edd3743f955e1e5b680
0569d9cfa3c0c8bb573b0d931d3ccf18fccbf15f18876ab93b384737fd227d03
094f668634220dfd33241ddafa1331cc260a6f56266910c4a1250794666132e5
0c9beac5711042da3daf3d793faa626e1f8f59663a284341adb9a32c8e872354
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
1233bf552d2d4f2d61bd479b44c6f11670bb0af3c292bb79703f9d06810504a5
14ccf0ced2f6615fec7aedc1fdee71f12eb09836c0d15454474dc9d6b3712961
15ff5659cab8fc98265e2c7a61f5536f34628ce02aba7339796171690edffe4a
172e879975c17085fd085f13b91794adc34b6ad84c60aba06b89e10d811ec5bc
1bbbd756860a0ae5318221030589d74edc472ca11ff8bb189261831e1c0558b7
1ec405dcb3bda509e2e86ae87b4e8f6cb88c1c5de5b10dfa03fbe5f1f6abefa3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3407536ab7f00669953768cef7f6436576d6d89a1b7572b5a59274f6b0b605cc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4157df287d2c2a151cd6b706c702b0030cb35bcf38ea38ccf37f8e82c631bcfa
42d627261d569e19b16b55d2549439124c5a0e24c74d26a0c9d9daada4e63a20
45332061ebb149a786b7b67f72cb4d5473f9d7acf502e4bad5fd9ff60d9fc759
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4cb6281763159b32fbd4c71f541f56696171898ed68d55017527c8744750340e
51843919396cc1dca86350d4c2f510319eade39d98009a6c286be653863a6431
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a72b81238de491fed35aa9b4e84f6bebd0b8d56d8b4d3ad8cd248b460cdeb6d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
605cbe6ca432832b7cf1973a10c9b3147e1a34561698358a95dd0b7588ee4296
609ea785d35d1daff787e72b585f5250c6007057818b77b1619787d318fff6b0
619ad49366d57734f21bf5eb23a55bf9681f3974ee2b803d59027b9b692227dd
6327e533ee835df219dd29376468437c6f5f5c37e07a59d1c0bb49efabc35d14
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a3bcd2e6d4a3d65d125c95a21f7297769617cfc1f3ad7cbb023fb02a3df06fb
6dc4e89d4edbdb9eefd011410d7506e343a9caa6b2db254bc7f2e15f1a7e5795
6e1cb9b9c5bf41a5cfe79628d65680a898ef5714440d927b82d80e9175125dfe
6f75aa6ec563f13bb977daf8d244acc143876f18fcc43f01e75509e935622010
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73c6e87b5c09c75f090c069f0d84fb0044ea3c66b9f96c9f3bd9b1355f37e888
7499b89d3beae3f7252cd17cb34a158c8203746e7bf615984b552ce8f1c77dc7
77bae5cc89c56392d8d209e860ee1d20a1518eae6e66c3d58b6cd58eaa387242
78cf7a5e5085740aee10b64344005a582eff61ca5f6861cc5790344580995b36
7cfcdf4ec5c1cfa7938d703299c2e55a4dd3622d7f1b8bfeb39248b3cd5add0b
81f2b6e2ede264f2133791556b890cf10d734b83a4e500aecc0d24c28d1253f7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860982f7df0344e1608e42a5279603244e7bb6c6c92f99a7d8442ff61a4637a3
8df68c26f5ff8c99e5b8a0c4b3759b5b434b785435c95f095ecda399e7d06573
8e0e9a1bafe741fefd5367e4d0ba8f6e94f115ced0d606e2f26fa7c25bca6a1f
8e8e0e401c2ead86f28894b8b697452e66d7c07d56beb72134b4c9638c427044
8f2afa99e99cc6ac02f8b73906a18515f1a805567b9740180f17e03a32d8cb96
8fd1ef61bbb729cfc82c83b871403192889eb36c7fe3a984be4f8f6b3ada731a
90170c06cfc78164ffb53c71f2ad709278e24ed7235dc52e5aa173effde6bb20
93d0f4963fc723bcfac5a89849ed2469aad27e6b150d77148fe2e80880ec9ebd
950e8cccfa5379bba744eac23b9071779298371f08e24c4f4dab1aac639a9e2f
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0a4bf05bc5c763fd9fc1e2bc0c62cb71f9017bbfad884a7ad414fe50e5b0057
ab9d2eb2b96f1c782f8950774a4f08c5cd42f0c47aabf8cd7688a02f0be09351
ae347eac493bf9f47aacda72d22081213c91af10d8eb6773ea36390d7d4b613e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4631b10e348ebfb10dbe414d2b25ee5fb9323ae047052580b1ba525a8d665f
b0c6a4fa6370d74665cc2541281eff7fdd171962c7abd1f956e4494e753c5867
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b978c8df6dc42edbbad10e3a4a48218ac5e5cd51166cabca310f1bf2df437fb3
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bf72c42dffb746770f2d19c47619718c400b840b8bf3218a60137bee7f9a16d3
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c151f184fa529a7c5a7e9568542b3d2c68fcafe1ae2a534666297f59ab2972f8
c2ef0710105f38bc6c2f2c5409cfc9d72182fbc10628ef7a25629674539f45dd
c32bf74f46b32a01f872d18acc684e43ff877d055aee693779a3eb9042018ec7
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68d6e042bb46e2a4d478b27daf67bf3e3f7033b252fc5f147236a7b4115dec7
e9bd9db83268ae9694965b94341b1ac5c2da802cfb7d87ed5b1b2727d8ea5ed2
ecb36fe21cfde0bb0037a4fdf8588706a30031ceba1ed1840a364f2b2bce5d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f11f319f1549dcb9050fa167b07121caf08a20bf8cd3f8235a2742ddfb79a550
f5ddbf2d39dc3c17957b24096e2b44f3376228dca54852d0d44b8bb174eb5e0b
fc4753ea69f2c58c0c9ac253d2ce4dfa872ff4337b42be14dcf4b2f77ed97d02
fcb101643feea0516c0197ceb767e07ac38f328dd84871fbc748a5bc0fdc7895
ff9a1e3e286ae70a1754e4bb40685492d7143e53cc1f2b26d57f5e9c45198e91