wickjeci.tk Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wickjeci.tk/	80 KB 26 KB	3017ms 60ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4261cfd3c3d232d4ace579690cdcebcedaeec69134f31577be249cffd944de84 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 82dba2379fb52c3e-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 14:45:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVfjm6u2TNhw3bSJa1DMBaGZB%2BgUJZVRX8AAvJ4fskDHcjP8pcnYRxmgXvhrPJW8rTVyIRfuDFlMqDq2siYDBRJsgqxbaboXuMhxFVAhQiY74xYu6KRJMRnLpYa4JNw5cyBplvdZskJ96g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css fonts.googleapis.com/	46 KB 2 KB	319ms 9ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4f0e83c83a1f48a6a24cf712856cd44c0af28570986734dabfe5f3df4b1662cb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 29 Nov 2023 14:45:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 29 Nov 2023 14:45:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 29 Nov 2023 14:45:19 GMT
GET H2	200	bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/	157 KB 18 KB	346ms 32ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://wickjeci.tk/ Origin https://wickjeci.tk accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:45:19 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1416102 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 17550 last-modified Thu, 06 Aug 2020 17:01:51 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f2c377f-2722e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BdTBmnaHQEOEHq09Iehj1Avd5Ju1i11UegjFUeEwKHU6DGux7SZ86gd09%2FfCwsuLOUPZ%2B9y1Q5v4g4qdbPHmE3QyUmUN%2F64jA5HeKEBk0eNP5HLnfTrDnPTPxnjNTEvuU6U9uXzWsycPRLHquyVp3MZ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82dba239fa635d9e-FRA expires Mon, 18 Nov 2024 14:45:19 GMT
GET H2	200	plovdiv16-1024x576.jpg mandry.club/wp-content/uploads/2019/07/	112 KB 112 KB	416ms 93ms	Image image/jpeg	2a06:6440:0:2d12::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mandry.club/wp-content/uploads/2019/07/plovdiv16-1024x576.jpg Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d12::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash 75483017027b696f8df618fc17e62c69cbbbe33201f0e7ecbf9f4392a7429385 Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:45:19 GMT x-ray p999:0.000/wn10325:0.000/ last-modified Sun, 21 Jul 2019 14:18:51 GMT server nginx etag "5d34744b-1be27" content-type image/jpeg cache-control max-age=604800 accept-ranges bytes content-length 114215 expires Wed, 06 Dec 2023 14:45:19 GMT
GET H2	200	2101116469_square.jpg dallas.wmbcdn.com/34/06/66/1792666043/	21 KB 21 KB	483ms 49ms	Image image/jpeg	151.236.71.248 CDNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://dallas.wmbcdn.com/34/06/66/1792666043/2101116469_square.jpg?hash=Yry_9PIyjUDqTEBLc4H9pw&expires=64060578000&updated=1641571424 Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash 823c0c2fbf5d5f163ade65488ef9132f76f3ad38118ca48c616874fb39fa5439 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:45:19 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-cdn-edge-id 2315 x-mmb-prowered-by photostorage3 x-mmb-proxed-by photostorage2 cross-origin-resource-policy cross-origin content-length 21342 last-modified Fri, 07 Jan 2022 16:03:43 GMT server nginx etag "61d8645f-535e" content-type image/jpeg cache-control max-age=31536000 x-cdn-edge-cache HIT accept-ranges bytes x-cdn-request-id f8f767017ceb1bcccfaaf031d3004593 expires Thu, 28 Nov 2024 10:22:35 GMT
GET H2	200	2039272933_square.jpg dallas.wmbcdn.com/58/27/27/1780727285/	2 KB 2 KB	157ms 50ms	Image image/gif	151.236.71.248 CDNETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://dallas.wmbcdn.com/58/27/27/1780727285/2039272933_square.jpg?hash=s-XhlflK0P7LvzUPoxkbqg&expires=64060578000&updated=1612487384 Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU), Reverse DNS Software nginx / Resource Hash ef27afcea7e4d3aa979055e3d1b1c97824fd70ae833861ecc91babcb858be9fc Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:45:19 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-cdn-edge-id 2315 x-mmb-prowered-by photostorage4 x-mmb-proxed-by photostorage7 cross-origin-resource-policy cross-origin content-length 1551 last-modified Tue, 01 Dec 2015 09:05:33 GMT server nginx etag "565d62dd-60f" content-type image/gif cache-control max-age=31536000 x-cdn-edge-cache HIT accept-ranges bytes x-cdn-request-id ed263119b35fb596b8bec716de5b9796 expires Thu, 28 Nov 2024 10:22:29 GMT
GET H2	200	1735546.jpg showbiz.24tv.ua/resources/photos/news/1200x1200_DIR/202109/	70 KB 70 KB	541ms 0ms	Image image/jpeg	2606:4700:10::6816:32f4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://showbiz.24tv.ua/resources/photos/news/1200x1200_DIR/202109/1735546.jpg?v=202111001032 Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:32f4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bb45f2b94f290baf95ab6c63c545963786a2fb7cfac5143b91cbd0adf18e822 Security Headers Name Value Strict-Transport-Security max-age=17280000; Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-images-api 5 date Wed, 29 Nov 2023 14:45:19 GMT strict-transport-security max-age=17280000; cf-cache-status HIT cf-polished origSize=74397 x-cache-status BYPASS x-upstream-response-length 74885 cross-origin-resource-policy cross-origin content-disposition inline; filename=image.jpg alt-svc h3=":443"; ma=86400 content-length 71606 cf-bgj imgq:100,h2pri last-modified Wed, 29 Nov 2023 10:22:31 GMT server cloudflare vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes timing-allow-origin * cf-ray 82dba23cdcf23835-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	5df2d05abcdcc937940264.jpg georgia.mfa.gov.ua/storage/app/uploads/public/5df/2d0/5ab/	76 KB 76 KB	624ms 0ms	Image image/jpeg	172.64.149.209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://georgia.mfa.gov.ua/storage/app/uploads/public/5df/2d0/5ab/5df2d05abcdcc937940264.jpg Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.149.209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa282280a3c4efa44d8e81d6a7ede37d1a7b215b4f1825ebbe6c7d2fc87e1701 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://wickjeci.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:45:19 GMT x-content-type-options nosniff cf-cache-status MISS last-modified Thu, 12 Dec 2019 23:42:18 GMT server cloudflare etag "5df2d05a-12e85" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/jpeg accept-ranges bytes cf-ray 82dba23d88c26637-AMS content-length 77445 x-xss-protection 1; mode=block
GET H2	200	EqS_kAp5o-I Show response www.youtube.com/embed/ Frame 3595	91 KB 40 KB	1568ms 1272ms	Document text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/EqS_kAp5o-I Requested by Host: wickjeci.tk URL: https://wickjeci.tk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a58868b00dc8d441578399892a6e2203df7e46a3e048fd81b94f9cf42e87c07c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://wickjeci.tk/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Wed, 29 Nov 2023 14:45:20 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v36/	26 KB 26 KB	514ms 47ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://wickjeci.tk accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 23 Nov 2023 18:27:08 GMT x-content-type-options nosniff age 505091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26640 x-xss-protection 0 last-modified Thu, 14 Sep 2023 01:00:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 18:27:08 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v36/	47 KB 47 KB	472ms 5ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://wickjeci.tk accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:29:28 GMT x-content-type-options nosniff age 432951 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48432 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:40:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Nov 2024 14:29:28 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	514ms 48ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://wickjeci.tk accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Fri, 24 Nov 2023 16:18:30 GMT x-content-type-options nosniff age 426409 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7748 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Nov 2024 16:18:30 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	290ms 0ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://wickjeci.tk accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 25 Nov 2023 00:19:52 GMT x-content-type-options nosniff age 397527 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7816 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 00:19:52 GMT
GET H2	200	www-player.css www.youtube.com/s/player/5753e790/ Frame 3595	378 KB 48 KB	376ms 0ms	Stylesheet text/css	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/5753e790/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a8b61fa32cdb1dbe2ce40d7e0636c394dc63b7615cb05bcd9ca1a0f6e1501d80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/EqS_kAp5o-I User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 11:51:06 GMT content-encoding br x-content-type-options nosniff age 10454 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48796 x-xss-protection 0 last-modified Mon, 27 Nov 2023 02:43:52 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 28 Nov 2024 11:51:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 3595	15 KB 15 KB	295ms 0ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 23 Nov 2023 23:26:56 GMT x-content-type-options nosniff age 487104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 23:26:56 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 3595	15 KB 15 KB	302ms 0ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:01:27 GMT x-content-type-options nosniff age 582233 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Nov 2024 21:01:27 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/ Frame 3595	56 KB 17 KB	295ms 149ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab3b15e22d05fe1fdbc9d15983dff4e4933036b8b26132e94d9225a10f8d70aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/EqS_kAp5o-I User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:36:22 GMT content-encoding br x-content-type-options nosniff age 7738 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17846 x-xss-protection 0 last-modified Mon, 27 Nov 2023 02:43:52 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 28 Nov 2024 12:36:22 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/5753e790/www-embed-player.vflset/ Frame 3595	322 KB 96 KB	284ms 138ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/5753e790/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 810892545e4b290f8b8516bda6858ef698a342489be9800e2ba0e358c8d5d7a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/EqS_kAp5o-I User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 14:37:38 GMT content-encoding br x-content-type-options nosniff age 462 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 98548 x-xss-protection 0 last-modified Mon, 27 Nov 2023 02:43:52 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 28 Nov 2024 14:37:38 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/ Frame 3595	2 MB 765 KB	307ms 162ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ccb2222fe1a6c34359d9431f0d451d5bfe28f9f37b90e31b159fbdebbd70df9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/EqS_kAp5o-I User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 10:59:45 GMT content-encoding gzip x-content-type-options nosniff age 13535 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 783112 x-xss-protection 0 last-modified Mon, 27 Nov 2023 02:43:52 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 28 Nov 2024 10:59:45 GMT
GET		id googleads.g.doubleclick.net/pagead/ Frame 3595	0 0
GET		ad_status.js static.doubleclick.net/instream/ Frame 3595	0 0
OPTIONS		Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0
POST		Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3595	0 0
GET H3	200	remote.js www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/ Frame 3595	64 KB 0	551ms 332ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/5753e790/player_ias.vflset/nl_NL/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.youtube.com/embed/EqS_kAp5o-I User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 06:25:06 GMT content-encoding br x-content-type-options nosniff age 30024 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33682 x-xss-protection 0 last-modified Mon, 27 Nov 2023 02:43:52 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 28 Nov 2024 06:25:06 GMT
GET		iPEf94t7kg41AT9t4roGKH7lRPlVKxurQ2Q3DUZ2d_o.js www.google.com/js/th/ Frame 3595	0 0
GET		hqdefault.jpg i.ytimg.com/vi/EqS_kAp5o-I/ Frame 3595	0 0
GET DATA	200 OK	truncated / Frame 3595	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET		APkrFKZZRgAHyiuhXCpPhkPIM3xHIj2toASD-T9ys2CQdA=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame 3595	0 0
GET H3	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 3595	10 KB 0	551ms 363ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/EqS_kAp5o-I Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 25 Nov 2023 08:09:07 GMT x-content-type-options nosniff age 369383 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9832 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:49 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 08:09:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/id

Domain

static.doubleclick.net

URL

https://static.doubleclick.net/instream/ad_status.js

Domain

jnn-pa.googleapis.com

URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain

jnn-pa.googleapis.com

URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain

www.google.com

URL

https://www.google.com/js/th/iPEf94t7kg41AT9t4roGKH7lRPlVKxurQ2Q3DUZ2d_o.js

Domain

i.ytimg.com

URL

https://i.ytimg.com/vi/EqS_kAp5o-I/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AH-BIAC4AOKAgwIABABGGUgWihQMA8=&rs=AOn4CLBGl4I6QX-ZLpeDhBs_RNOGWxJ7bg

Domain

yt3.ggpht.com

URL

https://yt3.ggpht.com/ytc/APkrFKZZRgAHyiuhXCpPhkPIM3xHIj2toASD-T9ys2CQdA=s68-c-k-c0x00ffffff-no-rj

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wickjeci.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
			.mfa.gov.ua/	1970-01-20 16:34:30	Name: __cf_bm Value: XJ7aV6vxsMBsSY9H6oQyVfNpIQdkmk7_F27AdCLQUKk-1701269119-0-ARDKVtaUw/KX0HvFOwAqHsyY6PpfAoV8/vHBTtnfkFHlrxXsRXJ9lDTSnEdu20Pw/7KNRGYn5Uc6ON1ypmWJxwCiPVu2ykPw6tUqFebOm/H2
			.mfa.gov.ua/	1969-12-31 23:59:59	Name: _cfuvid Value: 2TR8jYH09.0MzUdxLlbrBNHx8s8vyyEzUw0EH9Nxx4g-1701269119657-0-604800000
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: GOXF3e8kyks
			.youtube.com/	1970-01-20 20:53:41	Name: VISITOR_INFO1_LIVE Value: 3RUAa6fwqzk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dallas.wmbcdn.com
fonts.googleapis.com
fonts.gstatic.com
georgia.mfa.gov.ua
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mandry.club
showbiz.24tv.ua
static.doubleclick.net
wickjeci.tk
www.google.com
www.youtube.com
yt3.ggpht.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
yt3.ggpht.com
151.236.71.248
172.64.149.209
2606:4700:10::6816:32f4
2606:4700::6811:190e
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82a::200a
2a06:6440:0:2d12::1
2a06:98c1:3120::3
1ccb2222fe1a6c34359d9431f0d451d5bfe28f9f37b90e31b159fbdebbd70df9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4261cfd3c3d232d4ace579690cdcebcedaeec69134f31577be249cffd944de84
4bb45f2b94f290baf95ab6c63c545963786a2fb7cfac5143b91cbd0adf18e822
4f0e83c83a1f48a6a24cf712856cd44c0af28570986734dabfe5f3df4b1662cb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
75483017027b696f8df618fc17e62c69cbbbe33201f0e7ecbf9f4392a7429385
810892545e4b290f8b8516bda6858ef698a342489be9800e2ba0e358c8d5d7a3
823c0c2fbf5d5f163ade65488ef9132f76f3ad38118ca48c616874fb39fa5439
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a58868b00dc8d441578399892a6e2203df7e46a3e048fd81b94f9cf42e87c07c
a8b61fa32cdb1dbe2ce40d7e0636c394dc63b7615cb05bcd9ca1a0f6e1501d80
ab3b15e22d05fe1fdbc9d15983dff4e4933036b8b26132e94d9225a10f8d70aa
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ef27afcea7e4d3aa979055e3d1b1c97824fd70ae833861ecc91babcb858be9fc
fa282280a3c4efa44d8e81d6a7ede37d1a7b215b4f1825ebbe6c7d2fc87e1701