urlscan.io logo urlscan.io
SecurityTrails logo

nancydrew.su Open in urlscan Pro
2606:4700:3037::6815:130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nancydrew.su/
Effective URL: https://nancydrew.su/
Submission Tags: l4ing tld su ru rf cccp h8 n* Search All
Submission: On January 19 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3037::6815:130, located in United States and belongs to CLOUDFLARENET, US. The main domain is nancydrew.su.
TLS certificate: Issued by GTS CA 1P5 on December 24th 2023. Valid for: 3 months.
This is the only time nancydrew.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3036::ac43:8088 (United States)

ASN13335 (CLOUDFLARENET, US)
nancydrew.su
29    2606:4700:3037::6815:130 (United States)

ASN13335 (CLOUDFLARENET, US)
nancydrew.su
2    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
7    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
6    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
14    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    3.222.255.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-255-115.compute-1.amazonaws.com
ad.admitad.com
1    2606:4700:20::681a:5af (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.admitad-connect.com
4    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
site.yandex.net
yastatic.net
4    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
8    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
Apex Domain
Subdomains		 Transfer
30 nancydrew.su
nancydrew.su
367 KB
14 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
2 MB
8 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
80 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
cse.google.com — Cisco Umbrella Rank: 3031
160 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 263
1 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8747
3 KB
3 yandex.net
site.yandex.net — Cisco Umbrella Rank: 130843
24 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 231
6 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
93 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
87 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3982
57 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 11938
1 KB
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6536
28 KB
1 admitad-connect.com
cdn.admitad-connect.com — Cisco Umbrella Rank: 222590
6 KB
1 admitad.com
ad.admitad.com — Cisco Umbrella Rank: 74161
268 B
80 15
Domain Requested by
30 nancydrew.su 1 redirects nancydrew.su
14 www.youtube.com nancydrew.su
www.youtube.com
8 jnn-pa.googleapis.com www.youtube.com
6 www.google.com 1 redirects www.google.com
www.youtube.com
5 mc.yandex.com 2 redirects nancydrew.su
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 site.yandex.net nancydrew.su
site.yandex.net
2 yt3.ggpht.com www.youtube.com
2 i.ytimg.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 connect.facebook.net nancydrew.su
connect.facebook.net
2 mc.yandex.ru 1 redirects nancydrew.su
2 counter.yadro.ru 1 redirects nancydrew.su
1 yastatic.net site.yandex.net
1 cdn.admitad-connect.com nancydrew.su
1 ad.admitad.com 1 redirects
1 cse.google.com nancydrew.su
80 17

This site contains links to these domains. Also see Links.

Domain
forum.nancydrew.su
alitems.com
Subject Issuer Validity Valid
nancydrew.su
GTS CA 1P5		 2023-12-24 -
2024-03-23		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-29 -
2024-01-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-20 -
2024-07-21		 7 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nancydrew.su/
Frame ID: C9F61F777DB96C47B3282741579BA5A7
Requests: 48 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WgIHT-6C_xU
Frame ID: 2F2F77CE47A57D7A5A6DD51CA2C7D089
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/J_FVpGkH7VY
Frame ID: 349E0D7CC654DF928A0EF49766BE5DCD
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Прохождение Нэнси Дрю

Page URL History Show full URLs

  1. http://nancydrew.su/ HTTP 301
    https://nancydrew.su/ Page URL
  2. https://nancydrew.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

80
Requests

88 %
HTTPS

88 %
IPv6

15
Domains

17
Subdomains

15
IPs

3
Countries

2854 kB
Transfer

8521 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nancydrew.su/ HTTP 301
    https://nancydrew.su/ Page URL
  2. https://nancydrew.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nancydrew.su/ HTTP 301
  • https://nancydrew.su/
Request Chain 12
  • https://counter.yadro.ru/hit?rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428 HTTP 302
  • https://counter.yadro.ru/hit?q;rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428
Request Chain 14
  • https://www.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq HTTP 301
  • https://cse.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
Request Chain 26
  • https://ad.admitad.com/b/a0emyz3whsf5b4b4aeea7a660ebfae/ HTTP 302
  • https://cdn.admitad-connect.com/public/default/banners/2010/03/04/61d76c7835b5296711d37e69af5f0c25.jpg
Request Chain 39
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10253.joQkiyM_aJS3molLCN7PaSLa253vNU_CINBgWO80VgtFq9NbHba25mKCYEgaKDdS.7_GSXc8_9GTlGD71kj8R2lR68Hw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10253.eCwKtCh8WgSWMwZDSEb6BWXmF_FQPEhtTHqYGWuS4LDf-IiG1u3xlIFQfPtpyZqdC6lbHZoZUjscSZFBIZYdxGiEkIBXztUJBeDLSoz7cjXz-Xt_hA3ZmlOtndrPclQdHZcu7LznwF3w7r_8A6z_4PmIVjGGG5c0zYcyTZaqK4WO9A6Gf3MnZcV5PGCEyqoMCBntF0nv5DrEL4YaREBmYgrKH82r6crT0cs2jqA47WA%2C.4ecTbw5kDvBQv2AEA-Wpre4XC3s%2C
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 74
  • https://mc.yandex.com/watch/47737168?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1133132232260%3Ahid%3A894965014%3Az%3A60%3Ai%3A20240119200239%3Aet%3A1705690959%3Ac%3A1%3Arn%3A759555834%3Arqn%3A1%3Au%3A1705690959486688216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C638%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705690957998%3Afp%3A749%3Arqnl%3A1%3Ast%3A1705690960%3At%3A%D0%9F%D1%80%D0%BE%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%9D%D1%8D%D0%BD%D1%81%D0%B8%20%D0%94%D1%80%D1%8E&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/47737168/1?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1133132232260%3Ahid%3A894965014%3Az%3A60%3Ai%3A20240119200239%3Aet%3A1705690959%3Ac%3A1%3Arn%3A759555834%3Arqn%3A1%3Au%3A1705690959486688216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C638%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705690957998%3Afp%3A749%3Arqnl%3A1%3Ast%3A1705690960%3At%3A%D0%9F%D1%80%D0%BE%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%9D%D1%8D%D0%BD%D1%81%D0%B8%20%D0%94%D1%80%D1%8E&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nancydrew.su/
Redirect Chain
  • http://nancydrew.su/
  • https://nancydrew.su/
274 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
848155468e6db95c-AMS
content-encoding
br
content-type
text/html
date
Fri, 19 Jan 2024 19:02:37 GMT
last-modified
Wed, 18 Nov 2020 15:57:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P18%2Fvm1wuuxyPz1WMbqgHAD9bu7Xi2ftF0VQAqwVJCfGthP4vVQOOrTgiZGSo2qIb1p174Eqpv%2FitDOddMS8FN9fiuJPzSr4ozG%2F4TyZvH4%2F75QG9rwsHulqmlSpV%2FIKH9ikbqA0KzmXZVA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
84815545ccbc39c1-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 19 Jan 2024 19:02:37 GMT
Expires
Fri, 19 Jan 2024 20:02:37 GMT
Location
https://nancydrew.su/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXNRdanZwbpYiLO9CNgPRL4EIzxTYEQ4JgHTgCNm0pyGTgWu77YoVbf995JrPe7JklYPljaRQSH09%2B7Krh9kpDe8FxiFPWEaXPQN%2FG%2FiULOboeWWOEoXNRCuK%2FtgUCTBlGCrIgZOY8UbtGw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
Primary Request /
nancydrew.su/ 		66 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f0e8ebe9189b521f0b9c46a3768a437622fc2c638b88105d8af9753e4f01b112

Request headers

Referer
https://nancydrew.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
848155479824b95c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 19:02:38 GMT
link
<https://nancydrew.su/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NioJGSz5279K0xtxRG1buT4bQGczh%2FoXex1u2ouRUd%2BitSa%2FMmVr20aJwOdhtMOmjabzEeX6pL0pq%2BbvI178mMVV27LtuDLm2wO8Xm8T0xpHDtoaLPA65VsfknREiLjpFpw0fV08eaaEk1c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
style.css
nancydrew.su/wp-content/themes/ND-theme/ 		274 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/themes/ND-theme/style.css
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0032588b8d93a807cf0f48a806ccf125677503a6fabe4105a6dc69e81ace6091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 15:57:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3143
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMeDopuLD72YqKl7hDicDV2qFF%2FxdKhaqIWS9pr8TCCrdPeV0NR%2B1Llu2p4hNO1S%2Bp%2FoCKcRCAFkvGI0flot%2FG5%2BFLZs84WIgPtkEtJ9xb3uFfb3TVzsDi2sDlWrFh2WhN2Tvlb4DLcjnlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8481554b8cfd65c0-FRA
alt-svc
h3=":443"; ma=86400
dhtml.js
nancydrew.su/wp-content/themes/ND-theme/ 		390 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/themes/ND-theme/dhtml.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a5b3e6acd18ee30726c7910b5a6d7d4920f95f6dc6c9cef43447cfad32dfdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
157672
etag
W/"653a49ab-186"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVzNjYOQpo%2F4TkIzEandEQ5WrC8FRKaN%2F%2BHbUW%2FX0fFvpmyBKDjnjsu%2F%2Bj8cWVOst95nAiewiLPOVoLvoQcPTwoE5Qm5RmvCsRkce11tHmErYRkSYp10m0Ij1Zs%2FMCWmbs7DXsMoGG6%2B5UA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
8481554b8cfe65c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 23:14:46 GMT
style.min.css
nancydrew.su/wp-includes/css/dist/block-library/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-includes/css/dist/block-library/style.min.css?ver=5.4.14
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
147828
etag
W/"653a49ac-d159"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHcVPgpe7dJTc%2FAnRiA1%2Fja06iwnmj4ErlTPDr5mLIpR%2By89pbJtgEmSfLQooa1MjBUZHbOImpeXwiPtT9rlBvgeHCsYeflIbgzxnWT6MCMFIN7sRCV8ALlHhkrBKWOeGPxMdRvHRRJAgrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
8481554b8d0065c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jan 2024 01:58:50 GMT
app.css
nancydrew.su/wp-content/plugins/simple-lightbox/client/css/ 		274 B
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/client/css/app.css?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0032588b8d93a807cf0f48a806ccf125677503a6fabe4105a6dc69e81ace6091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 15:57:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3143
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C32USxwHW63yFd0JdecngQ8WdZXcpZZsQFuQ6qa96jdYzCiVODuCpm6aIkrcgip%2BTgFDQ9U%2FEX%2BLcg3KCsyZabmj2fZ7hf87DlC4eHyvq31ey40y0BeWOSIlJRgAXxoVRnx04RA6BCtcFtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
8481554b8d0165c0-FRA
alt-svc
h3=":443"; ma=86400
jquery.js
nancydrew.su/wp-includes/js/jquery/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-includes/js/jquery/jquery.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
495261
etag
W/"653a49ad-17a69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQwUgJdEkZkX%2BVLhgJnAhvNjMo%2F3K9zKKmVnRVUcSSDTaBWo2GGfM0PocblRjIB6bHn2rMeBb%2BFGQH24hl7U9lgVGQgudycd8B4SpdTZ2%2FGSJjR3ogcTXQrzSdaYQhm0zHgMDCDH0WgwiI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
8481554b8d0265c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Jan 2024 01:28:17 GMT
spoiler.js
nancydrew.su/js/ 		188 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/js/spoiler.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddee6575d7e0d0cba71dc70f59871e7d0afe2f19e3d7a89e46652c9cce66aa53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
157672
etag
W/"653a49aa-bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJrc9mPFQbOC3JWd1JrYdxGAMpFClZrPbqzWO7zySwwsujVUgK4BEirLX7Nh%2BfocyVepw%2BdlXdVAcy%2FswyIDhIeRonIZ64VKxQ6w7owPQzWj78Ml7WveIN0rXkj2BkxosIYl%2BE4hm5T%2FMkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
8481554b8d0565c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 23:14:46 GMT
wp-emoji-release.min.js
nancydrew.su/wp-includes/js/ 		0
0
cat_bullet.jpg
nancydrew.su/wp-content/themes/ND-theme/images/ 		419 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/themes/ND-theme/images/cat_bullet.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8a4a7941b42e4a7b96b983e03d1c4ef663c275f5c48b74268f45003da7a386

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
831394
alt-svc
h3=":443"; ma=86400
content-length
419
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
server
cloudflare
etag
"653a49ab-1a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdOkp%2BAIlI%2FBY%2FI%2FLLhLokFeN8Vd%2FuKkNJ9plp7z6u60KPOYbACxbbX%2BophGvzRsxnzHwP0lncDth2O%2BV8szUOx4v8S92x%2FErmNlRkkcQdBSmczbVLpG05K6wJXa589x2ozwyx%2FTj6p%2F0w0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c0d8965c0-FRA
expires
Fri, 09 Feb 2024 04:06:03 GMT
date_bullet.gif
nancydrew.su/wp-content/themes/ND-theme/images/ 		643 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/themes/ND-theme/images/date_bullet.gif
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b6a4ba889d0e1348f34ba5f18d35b95509bd6263df0cfa9d09e9bdaed11d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
326822
alt-svc
h3=":443"; ma=86400
content-length
643
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
server
cloudflare
etag
"653a49ab-283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Lc0KGLVVIKS9O3Ku7DD%2FVkPE3oEmTzyToMgDNedtuOZ4ChL4iwV524J8x%2BSI1XEe4s3p23l%2FMdDAeL4MGy8Nv536Gj9a5MNhMibZDPdSOMSoiCNE%2Bdkx%2B5SkcJEJTNPMMofCwxHJtfWrAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c0d8a65c0-FRA
expires
Thu, 15 Feb 2024 00:15:36 GMT
MID_DVDWrap-212x300.jpg
nancydrew.su/wp-content/uploads/2020/08/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2020/08/MID_DVDWrap-212x300.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9950963a0c1d5bcd28b279760032ea5bdfbac52f3a23fab3c20dc2680b276a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295511
alt-svc
h3=":443"; ma=86400
content-length
20853
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-5175"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LR9FyNlGtPXG6A8VoHqn4NAj8qKsRynEKlGMOkbhAg2hfS6HS0RPGOY0%2FT7MZhMAhjA85mB0HQaZCu2vDdt%2FMLQ0rriYxJL6LDPpeSukhYUKsPF53lFj19%2By713Lxz%2FhNr8%2Br6ApJhSAQqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c1d9665c0-FRA
expires
Thu, 15 Feb 2024 08:57:27 GMT
bullet.gif
nancydrew.su/wp-content/themes/ND-theme/images/ 		57 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/themes/ND-theme/images/bullet.gif
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a701fb3bc6b9bf7b4ec22441af234654c67d09712647f656a40a31d810528c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1850250
alt-svc
h3=":443"; ma=86400
content-length
57
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
server
cloudflare
etag
"653a49ab-39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YsqtlHK936unWVaYv5mft6To0C3lgu7vEIL5l6xnOigPWknuiXtZNQhoQvqIsQJ6p2zYmG%2FwrX9kmL6J7QJpQDeVNqzAHbXPu6o8WFp%2Fi%2B%2FkfBKDnxG%2FClo5i8JaZMBA7DJKvvHK4MY3zdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c1d9865c0-FRA
expires
Sun, 28 Jan 2024 09:05:08 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428
  • https://counter.yadro.ru/hit?q;rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 19:02:38 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 18 Jan 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Jan 2024 19:02:38 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;rhttps%3A//nancydrew.su/;s1600*1200*24;uhttps%3A//nancydrew.su/;0.319667482373428
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Wed, 18 Jan 2023 21:00:00 GMT
watch.js
mc.yandex.ru/metrika/ 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2424b2e976617601f41ddb5d7258048adff1c50e9b4e82c42f5bd7ef864ebd54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 18 Jan 2024 16:14:38 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65a94e6e-ddde"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56798
expires
Fri, 19 Jan 2024 20:02:38 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
  • https://cse.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
ee85632c09a7dafe7488681f1b1cb4e2f1e2760d5caa9f2191f71089e324bf51
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-9WpY9ahtA5LjFwiAdW-jwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-9WpY9ahtA5LjFwiAdW-jwQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Fri, 19 Jan 2024 19:02:38 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3010
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
server
gws
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Fri, 19 Jan 2024 19:02:38 GMT

Redirect headers

date
Fri, 19 Jan 2024 18:33:36 GMT
x-content-type-options
nosniff
server
sffe
age
1742
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267
x-xss-protection
0
expires
Fri, 19 Jan 2024 19:03:36 GMT
all.js
connect.facebook.net/ru_RU/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/all.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
abf87fb7dfeb8e4d112b8a86407704c570065bbada34d0c8c912e9af55a7cacf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 19:02:38 GMT
content-md5
t8Q9Ja3TB3fO6QP/FozNIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
whTMY1LhwlpXOTZYXMpbnSaqBA+RRDTgv5iw5WXKMXSiCAV6jR8qYMOs4zPtXNlxlwvCw/t52etPrq6LuDCuDg==
x-fb-content-md5
996cab89fc7ead9fc3d9329451b377ef
cross-origin-opener-policy
same-origin-allow-popups
etag
"cc1499c19212993f872591da676c21d4"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 19 Jan 2024 19:21:26 GMT
1Ku5rsory.png
nancydrew.su/wp-content/uploads/2014/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2014/01/1Ku5rsory.png
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77219571d01c44983cf4ea930977dd7eb8185c412d09948a9a77dc1a7670639b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1850250
alt-svc
h3=":443"; ma=86400
content-length
2063
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-80f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgW%2FXG6byeOD32NMxrt4IW4uS6Hydp5JLM5qehLeNYragSo7aGAit8TlkVcbBN%2F%2FH%2FBwyBKGz2kGEz9eMo%2FlhfNsGBSku8NvPAY%2FxiJBlLND1bcMeqRUt1TmTD4KYv1ukQlldguw4qXoz6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c1d9d65c0-FRA
expires
Sun, 28 Jan 2024 09:05:08 GMT
2Kursory.png
nancydrew.su/wp-content/uploads/2014/01/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2014/01/2Kursory.png
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7231c4166fb11241c258caf5a116982c5243bfa372dc7754e2f493a2d9581690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157532
alt-svc
h3=":443"; ma=86400
content-length
2240
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-8c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T52hXIMk38dFfQp97IGIrQypMZMNJoidFONHNkJ%2BOrdKUHUC0lz512LlWxUWq3fGxtPzHW2%2Bhd6dlh3DvGf6eB%2BvhSjlIRBak0D3MDpBDP%2Fkup8USR%2FCw%2BnyHH6dfN5FGAgA664iMjPidFI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c1d9f65c0-FRA
expires
Mon, 05 Feb 2024 09:30:26 GMT
banner_pr_nancydrewmidnightinsalem-768x346.jpg
nancydrew.su/wp-content/uploads/2020/08/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2020/08/banner_pr_nancydrewmidnightinsalem-768x346.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337aa9ec8f47cc655c29ba38c2703a008e21663bc3ad2e9a92621e6c01cff36f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295511
alt-svc
h3=":443"; ma=86400
content-length
52086
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-cb76"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Qmv5%2Fovx%2F0pIohXe0Xtj3KZpNQgxkWZ3cJiKoFlJ0GTexlYx4V9eqd26V%2Bfi%2BwJD3YlnjhSpqzCNJYu9cqRqLJT2ZMqu%2BiOjlwQUGq%2BAy85NygSLWQGVgtvM27RBnWsF6XSfX%2BrBOZbsRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c3dbc65c0-FRA
expires
Thu, 15 Feb 2024 08:57:27 GMT
1575450214_56fg-212x300.jpg
nancydrew.su/wp-content/uploads/2019/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2019/12/1575450214_56fg-212x300.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3926b5210eea38e9a03455d5c3124138c48e9342424a10ac42aa0952253d9047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
831394
alt-svc
h3=":443"; ma=86400
content-length
17013
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-4275"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNiMn63QROx4kCWlazSqrdfeuwYLWN5dJsGf8G2JH9GpIiRN0on%2Bi%2BYzz9Ht3CTNTPXpSZf4GkIAer0rVKVXuneuUpJvLey5KLBglzOX7OyJfacKZDQLoiVMO3oEhX2herblCAguq3K1raI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c3dbd65c0-FRA
expires
Fri, 09 Feb 2024 04:06:04 GMT
5U-e1AquL-s-300x300.jpg
nancydrew.su/wp-content/uploads/2019/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2019/05/5U-e1AquL-s-300x300.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55e0636b4fbe28d39b7086232641cde64396596250462c6359587aada809ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295511
alt-svc
h3=":443"; ma=86400
content-length
16091
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-3edb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciaQCCPhbFC2xYUXvD1HGZcIs1Thvlh4CH0NI2%2Bi2wC365jNJprpyPqTza5NLNlia%2FrOqvOo%2BXJYpNf9HRmPMKEePOpyVAWfbOvMML2InMC2k%2FHBIHFUQKyw4dVzmZvSu%2BD9ZyVmNLobC%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c6e0a65c0-FRA
expires
Thu, 15 Feb 2024 08:57:27 GMT
WgIHT-6C_xU
www.youtube.com/embed/ Frame 2F2F 		94 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/WgIHT-6C_xU
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
345b0dd1b13d4846f18f051a0912a138b9208953634051d0ebf285c202c1fb5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nancydrew.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 19:02:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
ZWykAWQa6t8.jpg
nancydrew.su/wp-content/uploads/2015/03/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2015/03/ZWykAWQa6t8.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f49b71f1beb2491f4c7b88068ec7d19dfd738f17e8fdea3c96d6e8786d33ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295511
alt-svc
h3=":443"; ma=86400
content-length
64729
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-fcd9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3qkYjdNTmPzJaekKuPwq0Almtklk%2FTiIPlJQVu4jZMe%2B7MBgEX3NDLfweiwTc8fnfoNQIuwI8bMxfffw6vdXC%2Fp0BaUac%2BBE6EXSakV0SPsGIeIUYOlBXvLG5%2BQlNXBMfE7iQVMqxHkYeI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c9e3b65c0-FRA
expires
Thu, 15 Feb 2024 08:57:27 GMT
ZWykAWQa6t8-343x480.jpg
nancydrew.su/wp-content/uploads/2015/03/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nancydrew.su/wp-content/uploads/2015/03/ZWykAWQa6t8-343x480.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8c93c3dc80c18d2f0c585fba666ddabd0378f89c37bb046413108c888ba790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
295511
alt-svc
h3=":443"; ma=86400
content-length
69213
last-modified
Thu, 26 Oct 2023 11:12:44 GMT
server
cloudflare
etag
"653a49ac-10e5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obyG1AZbHBE60borSvdEALOzQEhCLGKfD0AqTb%2F6lhC5JQwx5EQWEzoqHQuL1jvumc9ZnSzg%2F9RbcQnnxx6gjMR7%2FUFcIejpyET75FCNA2KAQghm8nsKgyUnk3%2FR8Wex%2BiYy3x7F%2FSssSSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8481554c9e3d65c0-FRA
expires
Thu, 15 Feb 2024 08:57:27 GMT
all.js
connect.facebook.net/ru_RU/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/all.js?hash=c9d5562c6424c7387cb5a8776eeed677
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06440d1bf786d0d1aaec9abeed3ad238a3f7458302a30a33d740fb2f2264dd2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nancydrew.su/
Origin
https://nancydrew.su
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 19:02:38 GMT
content-md5
0PGGo4zhE3DioYXj5cMASw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86606
reporting-endpoints
x-fb-debug
Wj0+x5arNjtLcbJgf5Wz04dJO+qTygP1cW5QapWHDWV0Ayl8/i9vUAzZXE859Aa4ie/zpzTnJ0IYHsQ3/+7ctg==
x-fb-content-md5
86e6c0276a82722c3d9008e25d3d787c
cross-origin-opener-policy
same-origin-allow-popups
etag
"24b545fec37d79bf0417a94257218562"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Jan 2025 16:59:43 GMT
J_FVpGkH7VY
www.youtube.com/embed/ Frame 349E 		94 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/J_FVpGkH7VY
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
403a05b42f2ac8ce28f5198c52de3027059ef4bb90349ae2557a1baa8974eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nancydrew.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 19:02:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
61d76c7835b5296711d37e69af5f0c25.jpg
cdn.admitad-connect.com/public/default/banners/2010/03/04/
Redirect Chain
  • https://ad.admitad.com/b/a0emyz3whsf5b4b4aeea7a660ebfae/
  • https://cdn.admitad-connect.com/public/default/banners/2010/03/04/61d76c7835b5296711d37e69af5f0c25.jpg
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.admitad-connect.com/public/default/banners/2010/03/04/61d76c7835b5296711d37e69af5f0c25.jpg
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Server
2606:4700:20::681a:5af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb89b78a13242014d4f84c7d36580dac170526f643982e75cb51fc1ed1d9c79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5328
content-length
5124
cf-bgj
h2pri
last-modified
Tue, 03 Mar 2020 16:45:31 GMT
server
cloudflare
etag
"48495db338523fa862a10a7289f492e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wpr5QHQCw6PEvERWLxkzR0hDZF08RXLT9HmrNIVr%2B%2BGNOWjd4rQYU8pKHLt2wo17IVEfXh7J9qZvwRs3%2FbTf9ob%2B5g0Wc8BYbcOGPqp4EsMMoPShxoo4RcswW2VUBidoJdfDywxGFWTjfwcYbb2aoxZ21MTk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
8481554f9c3b0497-FRA
expires
Sat, 20 Jan 2024 17:33:51 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 19:02:39 GMT
server
nginx/1.18.0
content-type
text/html; charset=utf-8
location
https://cdn.admitad-connect.com/public/default/banners/2010/03/04/61d76c7835b5296711d37e69af5f0c25.jpg
p3p
CP="NON DSP COR CURa TIA"
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
expires
Tue, 01 Jan 1980 1:00:00 GMT
all.js
site.yandex.net/v2.0/js/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/all.js
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9882e083aad0be394eef2bc511fbd204f670004b4ff09e627197805c5c7ceb9a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:15:05 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
15226
last-modified
Tue, 14 Feb 2023 08:57:29 GMT
etag
"bec5d321335c0f9cabe51a146402ed2e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 22 Jan 2024 07:02:40 GMT
cse_element__ru.js
www.google.com/cse/static/element/8435450f13508ca1/ 		323 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/cse_element__ru.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf1b604cac5c2ac9c94b1287a8fe96a3f529002a1c85a940871e068f0bde805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108822
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 19 Jan 2024 19:02:39 GMT
default+ru.css
www.google.com/cse/static/element/8435450f13508ca1/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8435450f13508ca1/default+ru.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9068
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 16:43:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 19 Jan 2024 19:02:39 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=000384470560964373072:pjnnmbs3hnq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 19 Jan 2024 19:19:42 GMT
www-player.css
www.youtube.com/s/player/42a553e1/ Frame 2F2F 		359 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
55318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47506
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Jan 2025 03:40:40 GMT
embed.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/ Frame 2F2F 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cf84a627cedd7cb2c641ab9d6d5c1feeedcb0075e558b290c00945c7a2839ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
211101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16787
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:17 GMT
www-embed-player.js
www.youtube.com/s/player/42a553e1/www-embed-player.vflset/ Frame 2F2F 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e1bec93b1cd6c4565d9a6df68892a7e77e26899952c274fd37683ca1e30a1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98861
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Jan 2025 03:28:21 GMT
base.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/ Frame 2F2F 		2 MB
772 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e79d451fb3ce1699993fcabdde8640e19e54520fe1be648af0b1cf64f4cf45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
789974
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:17 GMT
www-player.css
www.youtube.com/s/player/42a553e1/ Frame 349E 		359 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:40:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
55319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47506
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Jan 2025 03:40:40 GMT
embed.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/ Frame 349E 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cf84a627cedd7cb2c641ab9d6d5c1feeedcb0075e558b290c00945c7a2839ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
211102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16787
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:17 GMT
www-embed-player.js
www.youtube.com/s/player/42a553e1/www-embed-player.vflset/ Frame 349E 		323 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e1bec93b1cd6c4565d9a6df68892a7e77e26899952c274fd37683ca1e30a1fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 03:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98861
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 18 Jan 2025 03:28:21 GMT
base.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/ Frame 349E 		2 MB
772 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e79d451fb3ce1699993fcabdde8640e19e54520fe1be648af0b1cf64f4cf45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
211102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
789974
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:17 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10253.joQkiyM_aJS3molLCN7PaSLa253vNU_CINBgWO80VgtFq9NbHba25mKCYEgaKDdS.7_GSXc8_9GTlGD71kj8R2lR68Hw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10253.eCwKtCh8WgSWMwZDSEb6BWXmF_FQPEhtTHqYGWuS4LDf-IiG1u3xlIFQfPtpyZqdC6lbHZoZUjscSZFBIZYdxGiEkIBXztUJBeDLSoz7cjXz-Xt_hA3ZmlOtndrPclQdHZcu7LznwF...
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10253.eCwKtCh8WgSWMwZDSEb6BWXmF_FQPEhtTHqYGWuS4LDf-IiG1u3xlIFQfPtpyZqdC6lbHZoZUjscSZFBIZYdxGiEkIBXztUJBeDLSoz7cjXz-Xt_hA3ZmlOtndrPclQdHZcu7LznwF3w7r_8A6z_4PmIVjGGG5c0zYcyTZaqK4WO9A6Gf3MnZcV5PGCEyqoMCBntF0nv5DrEL4YaREBmYgrKH82r6crT0cs2jqA47WA%2C.4ecTbw5kDvBQv2AEA-Wpre4XC3s%2C
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10253.eCwKtCh8WgSWMwZDSEb6BWXmF_FQPEhtTHqYGWuS4LDf-IiG1u3xlIFQfPtpyZqdC6lbHZoZUjscSZFBIZYdxGiEkIBXztUJBeDLSoz7cjXz-Xt_hA3ZmlOtndrPclQdHZcu7LznwF3w7r_8A6z_4PmIVjGGG5c0zYcyTZaqK4WO9A6Gf3MnZcV5PGCEyqoMCBntF0nv5DrEL4YaREBmYgrKH82r6crT0cs2jqA47WA%2C.4ecTbw5kDvBQv2AEA-Wpre4XC3s%2C
date
Fri, 19 Jan 2024 19:02:39 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
id
googleads.g.doubleclick.net/pagead/ Frame 2F2F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43216db1c4b30051a2c3c7fc08eefe5ed0ad2cd1a140c1021c82b511baf74553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 19:02:39 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2F2F 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:55:32 GMT
x-content-type-options
nosniff
age
427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 19:10:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 19 Jan 2024 19:02:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2F2F 		86 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
486d2a1865bb7dd4dcf2b8a100a0987309feb0fa777f0bc66d22aec630da9834
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40638
x-xss-protection
0
dPc0_tWkrQe483WRw3jUNtbjgz6OKwJaH3sn-InkIiE.js
www.google.com/js/th/ Frame 2F2F 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/dPc0_tWkrQe483WRw3jUNtbjgz6OKwJaH3sn-InkIiE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74f734fed5a4ad07b8f37591c378d436d6e3833e8e2b025a1f7b27f889e42221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 19:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19617
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 19:43:23 GMT
sddefault.jpg
i.ytimg.com/vi/WgIHT-6C_xU/ Frame 2F2F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/WgIHT-6C_xU/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f96c94aca68560775d54ad93e13d7621da16253e397ba470d95e16314b1f023a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31314
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 21:02:39 GMT
truncated
/ Frame 2F2F 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
AIf8zZTIlowy-w8hor5duZ8SEGpK6Zz3CK6_W5KTt7is1Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2F2F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZTIlowy-w8hor5duZ8SEGpK6Zz3CK6_W5KTt7is1Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
69269b533435578772a310a327c649543ec2de635dfc2372e07cf21e263184a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
x-content-type-options
nosniff
server
fife
etag
"v110"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2965
x-xss-protection
0
expires
Sat, 20 Jan 2024 19:02:39 GMT
jquery.min.js
yastatic.net/jquery/1.6.2/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/jquery/1.6.2/jquery.min.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:45:03 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
28368
last-modified
Mon, 12 Nov 2018 13:13:42 GMT
etag
"57f5e4ce99f95e1eb0f18d52b65b6769"
vary
Accept-Encoding
x-nginx-request-id
219719563ce337e8
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
content-type
application/x-javascript
cache-control
public, max-age=31556952
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jan 2025 00:51:51 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 349E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fb1bd704f5e6f470a4463297b8fa45f6729220a67a877c63edf81e069d1e8d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Jan 2024 19:02:39 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 349E 		29 B
89 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:55:32 GMT
x-content-type-options
nosniff
age
427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 19:10:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 19 Jan 2024 19:02:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 349E 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94b3893d94dd0354dcbc6992a9717d641e77e116ee5e9dbbdb8c680bf5610fe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40708
x-xss-protection
0
dPc0_tWkrQe483WRw3jUNtbjgz6OKwJaH3sn-InkIiE.js
www.google.com/js/th/ Frame 349E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/dPc0_tWkrQe483WRw3jUNtbjgz6OKwJaH3sn-InkIiE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74f734fed5a4ad07b8f37591c378d436d6e3833e8e2b025a1f7b27f889e42221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Wed, 17 Jan 2024 19:43:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
170356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19617
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 19:43:23 GMT
sddefault.jpg
i.ytimg.com/vi/J_FVpGkH7VY/ Frame 349E 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/J_FVpGkH7VY/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16b85bd225981889212e6b475c413f45119a126ba9da454218af739debffa764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63492
x-xss-protection
0
server
sffe
etag
"1429034537"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 19 Jan 2024 21:02:39 GMT
truncated
/ Frame 349E 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
image/png
KdfqpM6yZxKi-x-hDztguAmvyh35a5MRjGBEnJxhWinlB5CZAOQk09oZcxEA5jlp0pblsG7V1Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 349E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/KdfqpM6yZxKi-x-hDztguAmvyh35a5MRjGBEnJxhWinlB5CZAOQk09oZcxEA5jlp0pblsG7V1Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/J_FVpGkH7VY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2de9899bb34107a4355943c3752b8193992d4f2fbf4579989f04bc72e536aca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:00:26 GMT
x-content-type-options
nosniff
age
3733
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3079
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 20 Jan 2024 18:00:26 GMT
generate_204
www.youtube.com/ Frame 2F2F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Sw9Dpw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/WgIHT-6C_xU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 19 Jan 2024 19:02:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2F2F 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ace29a17f5ee9a64ecdc31a3b0c10cb2357c87d119e037e2807d830943e786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 19 Jan 2024 19:02:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 349E 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4894b089ed40638f7d9250ee0daa0ae4642f09d36b21549d25277148b0242cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
wp-embed.min.js
nancydrew.su/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-includes/js/wp-embed.min.js?ver=5.4.14
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
157672
etag
W/"653a49ad-5c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrcgCjvWc3SMISmqsN06XXDa0vyvloArP3KPJ4Qw%2FtTI1Dj4bfow3Lnehx0HRogVD7VO2IObipzlI6tFmQZb2HsYLYopLfIWU%2F10zs8uBCnjIYH%2BGGbuzDlYw9bMzjF7gKOSkuvNjFRyceE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
848155517bf465c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jan 2024 23:14:46 GMT
jquery.js
nancydrew.su/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"17a69-6089ca6b791e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSmb8bI3BLLBL2NW6v1iMm%2F%2FUF%2BcjyzwbbEYV1MfXxnl%2BL6oqfk2JAxMCvlNG0z1cwK4IEXAjH2u9l1WWvhB4zHMmd7QndeoT8uNaziRECc3Iv5KNIGcH9FYL%2BS7Wy3DM0q%2BUgWF3nXdt3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
848155518bf665c0-FRA
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
nancydrew.su/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
305486
etag
W/"653a49ad-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTMcjUDG%2F3C9JvbYRBJZJ9%2FZje42SWgWDe%2B1nCH7Xe9G2GBedmyPvfsphaDdrx4qd72TCguTgxzj4tDgofT1ulmaisQJytrnaM3oQJI7WKX3WIgvu3idEnSkxEpYRTkHJhvv0Maf7sd%2F9Hc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
848155518bf865c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 23 Jan 2024 06:11:13 GMT
lib.core.js
nancydrew.su/wp-content/plugins/simple-lightbox/client/js/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/client/js/prod/lib.core.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfe866ace75096679951eb43f972afff1e81c44724705c6b16557108bd415dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
STALE
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10070
etag
W/"1f2d-6089ca69d6026"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NfqOsoJBKXZ1tX0XwCwAPwR%2BLRHUaCZeHY1sYt1hiMuIOZcwpBb%2FX6g%2F3ENzLNzinGRbglivBLoa9k0ZaEN%2B8BBCJUMGOt4hQ8K%2F0GOspnH2BgkTVAa%2BR%2BHHM%2ByxN4Kb%2BgqYs%2FRejK2t%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
848155518bf965c0-FRA
alt-svc
h3=":443"; ma=86400
lib.view.js
nancydrew.su/wp-content/plugins/simple-lightbox/client/js/prod/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/client/js/prod/lib.view.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d73cb975e113b73f43b90b1cb76d3c7267bb48ad515874b50aba4081390f922

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6453
etag
W/"b733-6089ca69d6d2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHugiByfhw%2BL2mrpJLYuifVx0wLCTVOX5kBl3uMuc0McXnOiYJRIwD2LO0hHX%2FDtWid0M2MAKmWpm3KRcen0ZZGbjOOtUh447oihTGnrqPXVouURiCueAYpq5GaWvD9WoB96cogdoVdwRhM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
848155518bfa65c0-FRA
alt-svc
h3=":443"; ma=86400
client.js
nancydrew.su/wp-content/plugins/simple-lightbox/themes/baseline/js/prod/ 		387 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/themes/baseline/js/prod/client.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ace133d533c63432dab5271d7d3690b31035ff6b5978b453e96ef2353206661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
495068
etag
W/"653a49ab-183"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7q31ul5c0XbxaEVb%2BVJMVKuhBeihNw1KctdIvvgujMMEPTJeEqXetAH3MNC4QugKrNyEvHL%2FuQFLDWsShYhakiw%2Bayd5BhX7gx3LQ9y0cfjoSlyawfdjnOycvLgILLt43ew%2FzBAIUoDCL8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
848155518bfb65c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Jan 2024 01:31:31 GMT
client.js
nancydrew.su/wp-content/plugins/simple-lightbox/themes/default/js/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/themes/default/js/prod/client.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d8db43cc16bb7fd6e5fecae803336b806a5bf91e04f463f45184d6c55ca79f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
495068
etag
W/"653a49ab-aa5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMhoDsURq00rsgyimMEs7F%2BOPjuskfdDuiBCnDzddx%2Be5rNX8mll%2FH3OrZti3zkJcgrVV5nKtwg4k8jSYY71zTVRplFvaPKV2%2Fkk1HrKm45M9Zj9lKN69PelTCgVuIODxPXJmaOS326ggF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
848155518bfd65c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Jan 2024 01:31:31 GMT
tag.item.js
nancydrew.su/wp-content/plugins/simple-lightbox/template-tags/item/js/prod/ 		361 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/template-tags/item/js/prod/tag.item.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8480e8f611b8ffae6abd8313396364e280afc155b37ea9646e2651ada7464b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"169-6089ca69e1670"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiXsKbdk277gjb8OUz5AgMRg5o06YLb6H98sCM3kRrqK6gmnWxt%2BzxUjMboJhmlJk%2FzZWVUFOsrbHo7zt05lsxnpAauEYc7HF3sFFGSalQ5S20emEuxhzS96E0DIT2XwVH3O1ap70KoIPSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
848155518bfe65c0-FRA
alt-svc
h3=":443"; ma=86400
tag.ui.js
nancydrew.su/wp-content/plugins/simple-lightbox/template-tags/ui/js/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/template-tags/ui/js/prod/tag.ui.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a72da25e100d458b21cdb496fed3e963e3c690a5caf191285e4fae0e3c145db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
495068
etag
W/"653a49ab-607"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tuKyGaTj4mvKFMIoAQl%2B6DNPmfZuI56KWHLikVMwmIxyHAdR%2BIfMrZg6vABUM0UpUS6XOgErSmRkrvFZF5EMuE3OLHFyHVpBqxxoRn9Go0eW9P33vw26C1%2Fm7bP%2B8SW2Jgq%2BztZW12ooL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=604800
cf-ray
848155518bff65c0-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 21 Jan 2024 01:31:30 GMT
handler.image.js
nancydrew.su/wp-content/plugins/simple-lightbox/content-handlers/image/js/prod/ 		404 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nancydrew.su/wp-content/plugins/simple-lightbox/content-handlers/image/js/prod/handler.image.js?ver=2.8.1
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7394999bd726219e5f0280fa287f7ce1d7c0d7caba61048565c4023bf50da72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 11:12:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538
etag
W/"194-6089ca69d8736"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKydtxTnr1XQw0b8fGE45xgvwpDtVmTjWhehE7%2BUnrHB16MnWo0Ewr8Y3y4HNV0bNc0uRRBikVrKK5wjT3vxtGy7PQfJIOOLVk%2BLv0Aj3jl1CSDIXYgzDFJ9AYlIUmslbmbV8Jgxqqd3rOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
848155518c0165c0-FRA
alt-svc
h3=":443"; ma=86400
suggest.js
site.yandex.net/v2.0/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/suggest.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:35:06 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2610
last-modified
Tue, 14 Feb 2023 08:57:29 GMT
etag
"5905bc95497a3dcdd5543e8af9bb2553"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 22 Jan 2024 07:02:40 GMT
opensearch.js
site.yandex.net/v2.0/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/opensearch.js
Requested by
Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 18:45:03 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6188
last-modified
Tue, 14 Feb 2023 08:57:29 GMT
etag
"1df256fb3e065fdf3b47b6ac51380393"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 22 Jan 2024 07:02:40 GMT
1
mc.yandex.com/watch/47737168/
Redirect Chain
  • https://mc.yandex.com/watch/47737168?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-...
  • https://mc.yandex.com/watch/47737168/1?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Ae...
466 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/47737168/1?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1133132232260%3Ahid%3A894965014%3Az%3A60%3Ai%3A20240119200239%3Aet%3A1705690959%3Ac%3A1%3Arn%3A759555834%3Arqn%3A1%3Au%3A1705690959486688216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C638%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705690957998%3Afp%3A749%3Arqnl%3A1%3Ast%3A1705690960%3At%3A%D0%9F%D1%80%D0%BE%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%9D%D1%8D%D0%BD%D1%81%D0%B8%20%D0%94%D1%80%D1%8E&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
4fe7c8571dcd75645c295925af686ff4cb8cb8f22ea18738f26f2d4773bfa578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 19:02:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 19-Jan-2024 19:02:39 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nancydrew.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
466
x-xss-protection
1; mode=block
expires
Fri, 19-Jan-2024 19:02:39 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 19:02:39 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 19-Jan-2024 19:02:39 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/47737168/1?wmode=7&page-url=https%3A%2F%2Fnancydrew.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A1133132232260%3Ahid%3A894965014%3Az%3A60%3Ai%3A20240119200239%3Aet%3A1705690959%3Ac%3A1%3Arn%3A759555834%3Arqn%3A1%3Au%3A1705690959486688216%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C638%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705690957998%3Afp%3A749%3Arqnl%3A1%3Ast%3A1705690960%3At%3A%D0%9F%D1%80%D0%BE%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%9D%D1%8D%D0%BD%D1%81%D0%B8%20%D0%94%D1%80%D1%8E&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://nancydrew.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 19-Jan-2024 19:02:39 GMT
generate_204
www.youtube.com/ Frame 349E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?qOSg0A
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
advert.gif
mc.yandex.com/metrika/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: nancydrew.su
URL: https://nancydrew.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nancydrew.su/
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 19 Jan 2024 19:02:39 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 18 Jan 2024 16:14:38 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65a94e6e-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 19 Jan 2024 20:02:39 GMT
style.css
nancydrew.su/wp-content/plugins/simple-lightbox/themes/baseline/css/ 		0
0
style.css
nancydrew.su/wp-content/plugins/simple-lightbox/themes/default/css/ 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 2F2F 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
X-Goog-Request-Time
1705690961222
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/WgIHT-6C_xU
X-YouTube-Client-Version
1.20240116.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt2RWZjNTBHbmNNWSjOjqutBjIKCgJERRIEEgAgYA%3D%3D
X-YouTube-Ad-Signals
dt=1705690959053&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 19 Jan 2024 19:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 19 Jan 2024 19:02:41 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 349E 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11; SM-N960U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
X-Goog-Request-Time
1705690961294
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/J_FVpGkH7VY
X-YouTube-Client-Version
1.20240116.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt0aDVRY3B6LW1QTSjOjqutBjIKCgJERRIEEgAgXQ%3D%3D
X-YouTube-Ad-Signals
dt=1705690959134&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 19 Jan 2024 19:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Fri, 19 Jan 2024 19:02:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nancydrew.su
URL
http://nancydrew.su/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14
Domain
nancydrew.su
URL
http://nancydrew.su/wp-content/plugins/simple-lightbox/themes/baseline/css/style.css
Domain
nancydrew.su
URL
http://nancydrew.su/wp-content/plugins/simple-lightbox/themes/default/css/style.css

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| navHover object| _wpemojiSettings undefined| $ function| jQuery object| FB object| yandex_site_callbacks object| __buffer object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| Ya object| yaCounter47737168 object| wp object| SLB object| jQuery112402620431035245736

20 Cookies

Domain/Path Name / Value
nancydrew.su/ Name: beget
Value: begetok
.yadro.ru/ Name: FTID
Value: 1bgiTE29Rvuj1bgiTE001PT2
.youtube.com/ Name: YSC
Value: Bcq6HvRrt3A
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: th5Qcpz-mPM
.yadro.ru/ Name: VID
Value: 02ciF62O9rej1bgiTE001PUB
.yandex.ru/ Name: i
Value: 5Bn4HgkisDYYaG2ZTtcr6keI1uJAR+J9GfSzG6wlD5HKLYJGFzhXakVo+lu3U+WCCioLz721E/Q/Zu/Zc69b+HjeYwY=
.yandex.ru/ Name: yandexuid
Value: 9123207091705690958
.nancydrew.su/ Name: _ym_uid
Value: 1705690959486688216
.nancydrew.su/ Name: _ym_d
Value: 1705690959
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3616510844fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2398306711fake
.yandex.com/ Name: yandexuid
Value: 9123207091705690958
.yandex.com/ Name: yuidss
Value: 9123207091705690958
.yandex.com/ Name: i
Value: 5Bn4HgkisDYYaG2ZTtcr6keI1uJAR+J9GfSzG6wlD5HKLYJGFzhXakVo+lu3U+WCCioLz721E/Q/Zu/Zc69b+HjeYwY=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 759584391705690959
.yandex.com/ Name: ymex
Value: 1737226959.yrts.1705690959
.yandex.com/ Name: bh
Value: KgI/MA==
.nancydrew.su/ Name: _ym_visorc
Value: w
.nancydrew.su/ Name: _ym_isad
Value: 2

3 Console Messages

Source Level URL
Text
security error URL: https://nancydrew.su/(Line 29)
Message:
Mixed Content: The page at 'https://nancydrew.su/' was loaded over HTTPS, but requested an insecure script 'http://nancydrew.su/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://nancydrew.su/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp(Line 2)
Message:
Mixed Content: The page at 'https://nancydrew.su/' was loaded over HTTPS, but requested an insecure stylesheet 'http://nancydrew.su/wp-content/plugins/simple-lightbox/themes/baseline/css/style.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://nancydrew.su/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp(Line 2)
Message:
Mixed Content: The page at 'https://nancydrew.su/' was loaded over HTTPS, but requested an insecure stylesheet 'http://nancydrew.su/wp-content/plugins/simple-lightbox/themes/default/css/style.css'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admitad.com
cdn.admitad-connect.com
connect.facebook.net
counter.yadro.ru
cse.google.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
nancydrew.su
site.yandex.net
static.doubleclick.net
www.google.com
www.youtube.com
yastatic.net
yt3.ggpht.com
nancydrew.su
2606:4700:20::681a:5af
2606:4700:3036::ac43:8088
2606:4700:3037::6815:130
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:831::200e
2a00:1450:4001:831::2016
2a02:6b8:20::215
2a02:6b8::1:119
2a03:2880:f083:9:face:b00c:0:3
3.222.255.115
88.212.201.198
0032588b8d93a807cf0f48a806ccf125677503a6fabe4105a6dc69e81ace6091
06440d1bf786d0d1aaec9abeed3ad238a3f7458302a30a33d740fb2f2264dd2a
0cf1b604cac5c2ac9c94b1287a8fe96a3f529002a1c85a940871e068f0bde805
0fb1bd704f5e6f470a4463297b8fa45f6729220a67a877c63edf81e069d1e8d8
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
16b85bd225981889212e6b475c413f45119a126ba9da454218af739debffa764
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2424b2e976617601f41ddb5d7258048adff1c50e9b4e82c42f5bd7ef864ebd54
2a72da25e100d458b21cdb496fed3e963e3c690a5caf191285e4fae0e3c145db
2bb89b78a13242014d4f84c7d36580dac170526f643982e75cb51fc1ed1d9c79
2de9899bb34107a4355943c3752b8193992d4f2fbf4579989f04bc72e536aca6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
337aa9ec8f47cc655c29ba38c2703a008e21663bc3ad2e9a92621e6c01cff36f
345b0dd1b13d4846f18f051a0912a138b9208953634051d0ebf285c202c1fb5a
35a5b3e6acd18ee30726c7910b5a6d7d4920f95f6dc6c9cef43447cfad32dfdc
3926b5210eea38e9a03455d5c3124138c48e9342424a10ac42aa0952253d9047
3d73cb975e113b73f43b90b1cb76d3c7267bb48ad515874b50aba4081390f922
403a05b42f2ac8ce28f5198c52de3027059ef4bb90349ae2557a1baa8974eae2
43216db1c4b30051a2c3c7fc08eefe5ed0ad2cd1a140c1021c82b511baf74553
486d2a1865bb7dd4dcf2b8a100a0987309feb0fa777f0bc66d22aec630da9834
4894b089ed40638f7d9250ee0daa0ae4642f09d36b21549d25277148b0242cfe
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4fe7c8571dcd75645c295925af686ff4cb8cb8f22ea18738f26f2d4773bfa578
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5dfe866ace75096679951eb43f972afff1e81c44724705c6b16557108bd415dc
5e8c93c3dc80c18d2f0c585fba666ddabd0378f89c37bb046413108c888ba790
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69269b533435578772a310a327c649543ec2de635dfc2372e07cf21e263184a6
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6ace29a17f5ee9a64ecdc31a3b0c10cb2357c87d119e037e2807d830943e786d
6cf84a627cedd7cb2c641ab9d6d5c1feeedcb0075e558b290c00945c7a2839ea
7231c4166fb11241c258caf5a116982c5243bfa372dc7754e2f493a2d9581690
74f734fed5a4ad07b8f37591c378d436d6e3833e8e2b025a1f7b27f889e42221
77219571d01c44983cf4ea930977dd7eb8185c412d09948a9a77dc1a7670639b
7ace133d533c63432dab5271d7d3690b31035ff6b5978b453e96ef2353206661
7b8a4a7941b42e4a7b96b983e03d1c4ef663c275f5c48b74268f45003da7a386
8480e8f611b8ffae6abd8313396364e280afc155b37ea9646e2651ada7464b0c
94b3893d94dd0354dcbc6992a9717d641e77e116ee5e9dbbdb8c680bf5610fe1
9882e083aad0be394eef2bc511fbd204f670004b4ff09e627197805c5c7ceb9a
9950963a0c1d5bcd28b279760032ea5bdfbac52f3a23fab3c20dc2680b276a8e
9e1bec93b1cd6c4565d9a6df68892a7e77e26899952c274fd37683ca1e30a1fd
9f49b71f1beb2491f4c7b88068ec7d19dfd738f17e8fdea3c96d6e8786d33ae3
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a7a701fb3bc6b9bf7b4ec22441af234654c67d09712647f656a40a31d810528c
a9d8db43cc16bb7fd6e5fecae803336b806a5bf91e04f463f45184d6c55ca79f
abf87fb7dfeb8e4d112b8a86407704c570065bbada34d0c8c912e9af55a7cacf
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
c55e0636b4fbe28d39b7086232641cde64396596250462c6359587aada809ce9
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
ddee6575d7e0d0cba71dc70f59871e7d0afe2f19e3d7a89e46652c9cce66aa53
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7394999bd726219e5f0280fa287f7ce1d7c0d7caba61048565c4023bf50da72
ee85632c09a7dafe7488681f1b1cb4e2f1e2760d5caa9f2191f71089e324bf51
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0e8ebe9189b521f0b9c46a3768a437622fc2c638b88105d8af9753e4f01b112
f2e79d451fb3ce1699993fcabdde8640e19e54520fe1be648af0b1cf64f4cf45
f8b6a4ba889d0e1348f34ba5f18d35b95509bd6263df0cfa9d09e9bdaed11d9e
f96c94aca68560775d54ad93e13d7621da16253e397ba470d95e16314b1f023a