www.twidouga.net Open in urlscan Pro
2606:4700:10::6816:2255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.twidouga.net/ko/ranking_tweek2.php
Submission: On March 20 via manual (March 20th 2022, 11:24:42 am UTC) from KR — Scanned from DE

Summary HTTP 121 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 36 domains to perform 121 HTTP transactions. The main IP is 2606:4700:10::6816:2255, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.twidouga.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 4th 2022. Valid for: a year.

This is the only time www.twidouga.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:10:... 2606:4700:10::6816:2255	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:1600:c:dd71:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	185.94.236.245 185.94.236.245	42567 (MOJHOST-EU) (MOJHOST-EU)
10	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
3	222.230.178.132 222.230.178.132	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9165:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
3	222.230.178.130 222.230.178.130	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	185.98.53.17 185.98.53.17	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
4	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
3 3	133.186.12.16 133.186.12.16	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1	222.230.178.21 222.230.178.21	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1	52.69.206.159 52.69.206.159	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.114.113.27 13.114.113.27	16509 (AMAZON-02) (AMAZON-02)
2 2	2a01:4f8:252:... 2a01:4f8:252:564d::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:59... 2a02:128:7:5917::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2606:4700::68... 2606:4700::6812:1b68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:128:7:48... 2a02:128:7:4860::2	50245 (SERVEREL-AS) (SERVEREL-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:1a::6	15169 (GOOGLE) (GOOGLE)
121	36

15 2606:4700:10::6816:2255 (United States)

ASN13335 (CLOUDFLARENET, US)

www.twidouga.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1600:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

yqmxfz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stream.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.236.245 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 222.230.178.132 (Karasawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

js.gsspcln.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9165:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yfetyg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
54ad995902.92291944cd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9274:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

kiynew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 222.230.178.130 (Karasawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

aladdin.genieesspv.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.53.17 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

r.trwl1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

static.javhd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

js.octopuspop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 133.186.12.16 (Minatomirai, Japan) 3 redirects

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p016.net133186012.broadline.ne.jp

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.230.178.21 (Karasawa, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

rt.gsspat.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.206.159 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-206-159.ap-northeast-1.compute.amazonaws.com

bypass.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.114.113.27 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-113-27.ap-northeast-1.compute.amazonaws.com

ap.octopuspop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:252:564d::2 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5917::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tcimp.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

tb.baimgfroggd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b68 (United States)

ASN13335 (CLOUDFLARENET, US)

static.octopus.tokyo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:4860::2 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)

vs.bantgoau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:1a::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr1---sn-4g5edndz.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	771 KB
15	twidouga.net www.twidouga.net	91 KB
11	googlevideo.com rr1---sn-4g5edndz.googlevideo.com — Cisco Umbrella Rank: 72073	859 KB
10	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 615	512 KB
8	javhd.com static.javhd.com — Cisco Umbrella Rank: 49483	24 KB
7	octopuspop.com js.octopuspop.com — Cisco Umbrella Rank: 278070 ap.octopuspop.com — Cisco Umbrella Rank: 248601	13 KB
5	bantgoau.com stream.bantgoau.com — Cisco Umbrella Rank: 54409 vs.bantgoau.com — Cisco Umbrella Rank: 50627	717 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 jnn-pa.googleapis.com — Cisco Umbrella Rank: 1708	46 KB
5	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 38378 i.jads.co — Cisco Umbrella Rank: 63962	39 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 310	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	gssprt.jp 3 redirects cs.gssprt.jp — Cisco Umbrella Rank: 14618	948 B
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29780 audiencedata.im-apps.net — Cisco Umbrella Rank: 27321	4 KB
3	genieesspv.jp aladdin.genieesspv.jp — Cisco Umbrella Rank: 94613	4 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 30985	31 KB
3	gsspcln.jp js.gsspcln.jp — Cisco Umbrella Rank: 61010	11 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
2	rtbbnr.com 2 redirects rtbbnr.com — Cisco Umbrella Rank: 37356	2 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 214	6 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 49	39 KB
1	octopus.tokyo static.octopus.tokyo — Cisco Umbrella Rank: 336626	68 KB
1	baimgfroggd.site 1 redirects tb.baimgfroggd.site — Cisco Umbrella Rank: 45329	687 B
1	zog.link 1 redirects tcimp.zog.link — Cisco Umbrella Rank: 47467	321 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	29 KB
1	ad-stir.com bypass.ad-stir.com — Cisco Umbrella Rank: 76297	182 B
1	gsspat.jp rt.gsspat.jp — Cisco Umbrella Rank: 52011	249 B
1	trwl1.com r.trwl1.com — Cisco Umbrella Rank: 41619	1 KB
1	cabnnr.com js.cabnnr.com — Cisco Umbrella Rank: 47255	12 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 43183	6 KB
1	92291944cd.com 54ad995902.92291944cd.com	199 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 47436	614 B
1	kiynew.com kiynew.com — Cisco Umbrella Rank: 72038
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 137	432 B
1	yfetyg.com yfetyg.com — Cisco Umbrella Rank: 56606	128 B
1	yqmxfz.com yqmxfz.com — Cisco Umbrella Rank: 61884	74 KB
1	juicyads.com js.juicyads.com — Cisco Umbrella Rank: 70713	35 KB
121	36

	Domain	Requested by
17	www.youtube.com	www.google.com www.youtube.com
15	www.twidouga.net	www.twidouga.net
11	rr1---sn-4g5edndz.googlevideo.com	www.youtube.com
10	pbs.twimg.com	www.twidouga.net
8	static.javhd.com	r.trwl1.com static.javhd.com
4	jnn-pa.googleapis.com	www.youtube.com
4	js.octopuspop.com	www.twidouga.net js.octopuspop.com
4	poweredby.jads.co	1 redirects www.twidouga.net poweredby.jads.co
3	stream.bantgoau.com	js.cabnnr.com stream.bantgoau.com
3	ap.octopuspop.com	code.jquery.com
3	cs.gssprt.jp	3 redirects
3	aladdin.genieesspv.jp	www.twidouga.net
3	js.wpadmngr.com	yqmxfz.com js.wpadmngr.com
3	js.gsspcln.jp	www.twidouga.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	stream.bantgoau.com www.youtube.com
2	vs.bantgoau.com	stream.bantgoau.com
2	rtbbnr.com	2 redirects
2	dmp.im-apps.net	js.gsspcln.jp dmp.im-apps.net
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	lh3.googleusercontent.com	stream.bantgoau.com
1	static.octopus.tokyo
1	tb.baimgfroggd.site	1 redirects
1	tcimp.zog.link	1 redirects
1	code.jquery.com	js.octopuspop.com
1	bypass.ad-stir.com	www.twidouga.net
1	rt.gsspat.jp	www.twidouga.net
1	r.trwl1.com	poweredby.jads.co
1	i.jads.co	poweredby.jads.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	js.cabnnr.com	js.wpadmngr.com
1	js.wpushsdk.com	js.wpadmngr.com
1	54ad995902.92291944cd.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	kiynew.com	yqmxfz.com
1	cloudflare.com	yqmxfz.com
1	yfetyg.com	yqmxfz.com
1	ajax.googleapis.com	www.twidouga.net
1	yqmxfz.com	www.twidouga.net
1	js.juicyads.com	www.twidouga.net
121	43

This site contains links to these domains. Also see Links.

Domain
www.nurumayu.net
twitter.com
video.twimg.com
ap.octopuspop.com
line.me
www.facebook.com
plus.google.com
pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-04` - `2023-03-04`	a year	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-20` - `2022-04-23`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gsspcln.jp GeoTrust RSA CA 2018	`2021-03-19` - `2022-04-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-31`	a year	crt.sh
yfetyg.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
js.wpadmngr.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
kiynew.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
na.nawpush.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
54ad995902.92291944cd.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
js.wpushsdk.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
js.cabnnr.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.genieesspv.jp GeoTrust RSA CA 2018	`2021-03-22` - `2022-04-22`	a year	crt.sh
*.im-apps.net DigiCert SHA2 Secure Server CA	`2021-06-25` - `2022-06-30`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2022-02-22` - `2022-05-23`	3 months	crt.sh
r.trwl1.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-24` - `2022-07-11`	a year	crt.sh
1079288232.rsc.cdn77.org R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.octopuspop.com GoGetSSL RSA DV CA	`2021-03-22` - `2022-04-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.octopus.tokyo E1	`2022-02-26` - `2022-05-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
vs.bantgoau.com R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-08` - `2022-05-17`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.twidouga.net/ko/ranking_tweek2.php
Frame ID: 165208D48106FC7E640231CE5C69ED04
Requests: 58 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=906135
Frame ID: 0920D930819E6B1193997F1542C57336
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=906135
Frame ID: AA15F82565F96116CE1C2505D084B75E
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=906869
Frame ID: E7A12845EECE27ED4C0F7D215B313AD1
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=906869
Frame ID: 6032C9BCF7ED0A11F6D068537359EC89
Requests: 1 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/5496d364-aa38-44ef-a23d-88514ef26641?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=DE&cv3=161749&cv4=263919&cv5=906869&cv6=
Frame ID: 67D81F791210C16A5C19536AE5C1EA42
Requests: 1 HTTP requests in this frame

Frame: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Frame ID: 1FC7F5B69E1E46441771E629BD88B3ED
Requests: 8 HTTP requests in this frame

Frame: https://js.octopuspop.com/view/ls.html
Frame ID: 215B2D4B84938EC0C97DD1A095ED8AB7
Requests: 1 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
Frame ID: D050D76BDFE999F85C67BFE4C79FBFC7
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Frame ID: 8BD1C495AAD27C8677BC6F2D3B96AA1C
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: DEEA7F87A509E68EC2E5CD1063CFC9C0
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

트위터동영상주간저장 랭킹!

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

93 %
HTTPS

69 %
IPv6

36
Domains

43
Subdomains

36
IPs

5
Countries

3441 kB
Transfer

8002 kB
Size

10
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nurumayu.net/ko/twidouga/gettwi.php
Title: 저장

Search URL Search Domain Scan URL

URL: https://www.nurumayu.net/ko/instagazou/ranking.php

Search URL Search Domain Scan URL

URL: https://www.nurumayu.net/ko/instagazou/ranking_d.php

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1501178198662742018
Title: risklee

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1501178070736465920/pu/vid/540x960/sf-CArh90C9qHHu9.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/gomu_s2/status/1503029577974657024?s=20
Title: 박호두

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1503028977027354634/pu/vid/720x720/a-ws523-oRQN7_I8.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1502684083301732354
Title: risklee

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1502683994755768321/pu/vid/1280x720/iIwPaKfDqUqOMQqW.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1503681231115804673
Title: 걸레 지안

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1503681097367924744/pu/vid/720x1280/OKiLJGxLtJRZBvIr.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1505059213164179457
Title: ????????????????????????????????????????

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1505059075209322499/pu/vid/866x720/k1gyyINDN2o-9stk.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1499579169000226818
Title: risklee

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1499578985109356546/pu/vid/540x960/x3IBGbXzE6OEMJT9.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://ap.octopuspop.com/click/?_spot=41983&_ad=35445&_article=104694&_uid=diu394f1a41f3f51a2a931993d2ee659a8d&_origin=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_tweek2.php

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1433388265369862151
Title: eXper yX

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1433387728054353924/pu/vid/480x640/t7Tuxfq0Cy8lSlqg.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1503751462803116033
Title: risklee

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1503751406809149441/pu/vid/270x480/bo5kK1XyVBWM8E67.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1502843220815798277
Title: 박호두

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1502842711035981828/pu/vid/882x720/0F6HiWeyulzCgSLZ.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://twitter.com/Kang_Jun_x/status/1504472589032325137?s=20
Title: 강준

Search URL Search Domain Scan URL

URL: https://video.twimg.com/ext_tw_video/1504472501551730689/pu/vid/540x960/3-vJuOItkEtL4hL9.mp4?tag=12

Search URL Search Domain Scan URL

URL: https://line.me/R/msg/text/?%ED%8A%B8%EC%9C%84%ED%84%B0%EB%8F%99%EC%98%81%EC%83%81%EC%A0%80%EC%9E%A5%20%EB%9E%AD%ED%82%B9!https://www.twidouga.net/ko/ranking_t.php
Title: new media_line_me.LineButton({"pc":true,"lang":"ja","type":"a"});

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_t.php&text=:%20https%3A%2F%2Fwww.nurumayu.net%2Fko%2Ftwidouga%2Franking_t.php

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_t.php&t=

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_t.php

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_t.php&description=

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 54

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=1 HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp HTTP 302
https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adPHOfb_GwjlBT4q-NeiNF2pG4hDQQfD31-SlYiTjvGY72bungnLmrA0i5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=

Request Chain 55

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=1 HTTP 302
https://bypass.ad-stir.com/push_sync?xid=12345

Request Chain 69

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNTEzNjYzMDE4IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTE4NzgsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIn0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTE4NzgiLCJwYWdlIjoiaHR0cHM6Ly93d3cudHdpZG91Z2EubmV0L2tvL3JhbmtpbmdfdHdlZWsyLnBocCJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiJhNDA3OTUyMTM3OThhMTcxMDk3OWFjNDM0MWJhYzhlNSJ9LCJleHQiOnsiZHQiOjE2NDc3NzU0NzY3NTZ9fQ== HTTP 302
https://rtbbnr.com/banner/in/show/?mid=197363218&pid=0&site=11878&sc=DE&usage_type=DCH&subid=513663018&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=www.twidouga.net&hostname=auc-banner-hz-3&site_id=0&spot_id=11878&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:20:303::203e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3DGh6BbgK5QWkaA9SO2Hn5KTFGCh5kb3SNQizI7T4YEWmDV5pP1MzKdAt0k7-H69rRaJc3wuz-EllEYLgs1HrYmGFjWSoKCQLN0UP9CYbeIri1pUr2Kthbfuzg5iPYEwMPx_BzstEk5llWSVpQN7ZDcblWOTCvpu0grvfBZ9QPsbhYLVDAq9Z31-r_RWMddhQ4uHO1Dd86lJbB6wDSajXR8peWZ4pduMlgKGiepTN1QDasBpeQ84ag2_BeFG1Dph1nnVSB-LxaTYV0LUmELy1Q-qbGwJk9ZWSo8ENkYG10rYkwwGvjRjTHVYrobr07zhudX-mQGSCdvHkSlrb-5TVdnqn37AwKAgRvDY2nalAlegTkFB1f-quxE48gRW0PeYbP2EzE63zliofE4bgANhEtA_gtXmr6Lzp2ChrYs7I5jXulHbHDfI1XE82iPLcEYRb9p6YiN9ETk5FE4cp8y2AEWFRYkqn93gCaJZ6bsA&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags= HTTP 302
https://tcimp.zog.link/in/banners?katds_ep=Gh6BbgK5QWkaA9SO2Hn5KTFGCh5kb3SNQizI7T4YEWmDV5pP1MzKdAt0k7-H69rRaJc3wuz-EllEYLgs1HrYmGFjWSoKCQLN0UP9CYbeIri1pUr2Kthbfuzg5iPYEwMPx_BzstEk5llWSVpQN7ZDcblWOTCvpu0grvfBZ9QPsbhYLVDAq9Z31-r_RWMddhQ4uHO1Dd86lJbB6wDSajXR8peWZ4pduMlgKGiepTN1QDasBpeQ84ag2_BeFG1Dph1nnVSB-LxaTYV0LUmELy1Q-qbGwJk9ZWSo8ENkYG10rYkwwGvjRjTHVYrobr07zhudX-mQGSCdvHkSlrb-5TVdnqn37AwKAgRvDY2nalAlegTkFB1f-quxE48gRW0PeYbP2EzE63zliofE4bgANhEtA_gtXmr6Lzp2ChrYs7I5jXulHbHDfI1XE82iPLcEYRb9p6YiN9ETk5FE4cp8y2AEWFRYkqn93gCaJZ6bsA HTTP 302
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14&ts=1647775476 HTTP 302
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14

Request Chain 85

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ranking_tweek2.php Show response
www.twidouga.net/ko/ 16 KB
4 KB 539ms
498ms Document
text/html 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30a2dd1dfac59cb0b73dc6b8330f69269143d1f21e3d2af414141df216612a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6eee14ff5ce601e7-ZRH
content-encoding: br

GET
H2 200 twirank.css
www.twidouga.net/ko/ 2 KB
1002 B 39ms
39ms Stylesheet
text/css 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twidouga.net/ko/twirank.css
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2092ae75275f8cc6d68353a6640528ad7655662c1b3c2e95b86982bed71505

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Jun 2018 05:34:00 GMT
server: cloudflare
age: 152500
etag: W/"3a1d9e-8b7-56e9372462200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-polished: origSize=2231
cf-ray: 6eee15028a6301e7-ZRH
cf-bgj: minify

GET
H2 200 jp.php Show response
js.juicyads.com/ 93 KB
35 KB 47ms
9ms Script
application/javascript 2600:9000:2156:1600:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jp.php?c=34b4v213t2a4u4q2u2946364a4&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7eee9b40c75a5fef31769f1a3f62e96a3deaf717b7f1d30e48e93145e4513f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: cache
date: Sun, 20 Mar 2022 11:18:02 GMT
content-encoding: gzip
server: nginx
age: 390
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: aTfh1o5SPwaUm3ev4ZRuQt5gwPn_ugVab5iYtxfD19laOuQaDhYfmQ==
expires: Sun, 20 Mar 2022 11:33:02 GMT

GET
H2 200 waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ 191 KB
74 KB 195ms
135ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76fa7d42e84662cd82b1e9ab8f8c078c33f44865866bd52d685dea366fc1a9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 20 Mar 2022 09:17:54 GMT
server: cloudflare
e-tag: 6796259ef09523408acbb8859d9b0f41
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx4TylBTI5QMt3vVK3oDDS5ShrllJofzbDSboO%2F%2FNWcRbZnHAWClk7v5mkmSGSMwdztiZPwmWJkfZTcgW4P8ZPDP691vGWRWpT%2BMD1SbCfBROVff5duRUVATznOLUg9gTvwHLE72SRpI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.twidouga.net
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6eee1502fe99e914-MRS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 twiranking.png
www.twidouga.net/ko/img/ 7 KB
7 KB 42ms
40ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/twiranking.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e1e064b6b182afbe948c1f2ffeac927a1044c8d90fe87c29da1737e6788857e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2016 15:15:00 GMT
server: cloudflare
age: 92222
etag: "3a1dca-3815-544b96eaca500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: origSize=14357
accept-ranges: bytes
cf-ray: 6eee1502ba9501e7-ZRH
content-length: 7137
cf-bgj: imgq:100,h2pri

GET
H2 200 instaranking.png
www.twidouga.net/ko/img/ 9 KB
9 KB 43ms
41ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/instaranking.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfda1a9ca320d6c942a26de1a7a3039f87cb8d39083412fdaea6112c49ae4e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2016 00:43:00 GMT
server: cloudflare
age: 152492
etag: "3a1dab-24be-541b0d2308d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6eee1502ba9701e7-ZRH
content-length: 9406
cf-bgj: imgq:100,h2pri

GET
H2 200 instaranking_d.png
www.twidouga.net/ko/img/ 15 KB
15 KB 43ms
41ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/instaranking_d.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f79258d031b43ce1702c4660872e4405f17dc69fba8b37ce01b8a8ea91fc8bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Sun, 01 Jan 2017 07:07:00 GMT
server: cloudflare
age: 152492
etag: "3a1dac-6260-5450314d0cd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: origSize=25184
accept-ranges: bytes
cf-ray: 6eee1502ba9801e7-ZRH
content-length: 14961
cf-bgj: imgq:100,h2pri

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

61ms
20ms

Script
application/x-javascript

185.94.236.245
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: HTTP/1.1
Server: 185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Mar 2022 11:24:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Server: nginx
ETag: W/"5e0262a5-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Sun, 20 Mar 2022 11:24:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 rank4.png
www.twidouga.net/ko/img/ 293 B
417 B 44ms
42ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/rank4.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c148df2b4d8e867c942dfc3a8f4e70836bcc48e0cd493bdb7eae075fa1c669

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2016 15:53:00 GMT
server: cloudflare
age: 520103
etag: "3a1dc1-188-5444143866f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: origSize=392
accept-ranges: bytes
cf-ray: 6eee1502ba9a01e7-ZRH
content-length: 293
cf-bgj: imgq:100,h2pri

GET
H2 200 4jz1KoJj5Lasbmzx.jpg
pbs.twimg.com/ext_tw_video_thumb/1501178070736465920/pu/img/ 41 KB
42 KB 41ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1501178070736465920/pu/img/4jz1KoJj5Lasbmzx.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

9e1dc966d9191c34f0e53d1bbb55e7277c662720f32366a6ed95f4c62477fdc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 426909
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 42453
x-response-time: 185
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/6 ext_tw_video_thumb/1501178070736465920
last-modified: Tue, 08 Mar 2022 12:46:37 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6450c8db3ada4723ec4be99747310fb8c0fda95b872aa378fb2da51060fc75cb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 saisei.png
www.twidouga.net/ko/img/ 1 KB
1 KB 46ms
44ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/saisei.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea6707211a08d985100fce389c6108765b64329ceea7012db687793956c15c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2017 18:46:00 GMT
server: cloudflare
age: 152491
etag: "3a1dc6-a3d-551dbd8c48a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: origSize=2621
accept-ranges: bytes
cf-ray: 6eee1502ba9b01e7-ZRH
content-length: 1037
cf-bgj: imgq:100,h2pri

GET
H2 200 gCFDz3V4xP19vNQx.jpg
pbs.twimg.com/ext_tw_video_thumb/1503028977027354634/pu/img/ 91 KB
92 KB 32ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1503028977027354634/pu/img/gCFDz3V4xP19vNQx.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

fc25db678d231bbcc957b309ae879f9e2ed948ca8d615b4cfb26fdd7270df773

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 590261
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 93311
x-response-time: 288
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/6 ext_tw_video_thumb/1503028977027354634
last-modified: Sun, 13 Mar 2022 15:21:27 GMT
server: ECS (frb/67D4)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e44750854c5f5981afb5ef11a253a38a1169dcd504bafe4fb4c84bffbed580ee
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FGtLOOV-lS0fKHAJ.jpg
pbs.twimg.com/ext_tw_video_thumb/1502683994755768321/pu/img/ 58 KB
58 KB 45ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1502683994755768321/pu/img/FGtLOOV-lS0fKHAJ.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

3014146f70c95aba2802185ac6e7550f529877c862a8cd26de2fe8a6da4052cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 66925
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length: 59249
x-response-time: 177
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1502683994755768321
last-modified: Sat, 12 Mar 2022 16:30:37 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 67ebd4e9d9643abc2def38338296c0577ef6a460ba37a9e980d111f13bfdf393
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zzxosF5vDOvd71BI.jpg
pbs.twimg.com/ext_tw_video_thumb/1503681097367924744/pu/img/ 54 KB
54 KB 45ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1503681097367924744/pu/img/zzxosF5vDOvd71BI.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

107ebc6c82dd48f7d074295301954a000ad7aa7860198a67b5ec05745248661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 434921
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 55544
x-response-time: 308
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/0 ext_tw_video_thumb/1503681097367924744
last-modified: Tue, 15 Mar 2022 10:32:45 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 619c0cfbcad633fb9618454800187af034f315819c9912b0b4d80fd54fb0a6dd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 fVguyOMf7eWTMW6i.jpg
pbs.twimg.com/ext_tw_video_thumb/1505059075209322499/pu/img/ 90 KB
91 KB 45ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505059075209322499/pu/img/fVguyOMf7eWTMW6i.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

e88c1f3f41d07370613bc9a97f32dc8c92f3c5ba123c91b5a547df0e3c2420d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 106292
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
content-length: 92564
x-response-time: 291
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/1 ext_tw_video_thumb/1505059075209322499
last-modified: Sat, 19 Mar 2022 05:48:20 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24951e073d8d6118e4d7bfbbd1515cbdf7490a4e155201836399394bae869627
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FSCwa6CtP1zNBfzu.jpg
pbs.twimg.com/ext_tw_video_thumb/1499578985109356546/pu/img/ 40 KB
41 KB 45ms
21ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1499578985109356546/pu/img/FSCwa6CtP1zNBfzu.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

590287681b71bd6862fe6ac84f1f31659ad1ce48cacdcd2b5f160e503d3d107a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 193070
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 41376
x-response-time: 173
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/4 ext_tw_video_thumb/1499578985109356546
last-modified: Fri, 04 Mar 2022 02:52:25 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5b9e102c469299e53e95788ced13472e33f24df0a5c950e4466610fee985c15e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 a1239601.js Show response
js.gsspcln.jp/t/239/601/ 8 KB
3 KB 819ms
270ms Script
application/javascript 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/t/239/601/a1239601.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: f75568d334c6a3ef9c8f47a2927445cbf6d1c40344a236922abaa2dc3b3c5e22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 03:20:08 GMT
server: nginx
etag: W/"62281ce8-2013"
content-type: application/javascript
cache-control: private
cross-origin-resource-policy: cross-origin

GET
H2 404 _Elvwkmk5SF80El3.jpg
pbs.twimg.com/ext_tw_video_thumb/1433387728054353924/pu/img/ 0
206 B 18ms
18ms Image
text/plain 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1433387728054353924/pu/img/_Elvwkmk5SF80El3.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 19276
x-cache: 404-HIT
server-timing: "x-cache;desc= 404-HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 0
x-response-time: 114
last-modified: Sun, 20 Mar 2022 06:03:17 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=86400, must-revalidate
x-connection-hash: 26da054a4023f4c308b76b73f7209620ee7655a060df1fed1b5be6a86718e966
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FvVV4b6f40Qd3AwT.jpg
pbs.twimg.com/ext_tw_video_thumb/1503751406809149441/pu/img/ 16 KB
16 KB 18ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1503751406809149441/pu/img/FvVV4b6f40Qd3AwT.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C0) /

Resource Hash

c0b69556717f563da4c13d37dc8e383a4ba218b7e93c66c922f188c071e5ea54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 418086
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 16117
x-response-time: 300
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/0 ext_tw_video_thumb/1503751406809149441
last-modified: Tue, 15 Mar 2022 15:12:08 GMT
server: ECS (frb/67C0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2fb41bbbb2823f9b49313228f1dc9b206c3352a1ae98043a19898b719d714776
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5Ayr6LcAPHOHuKKR.jpg
pbs.twimg.com/ext_tw_video_thumb/1502842711035981828/pu/img/ 80 KB
80 KB 19ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1502842711035981828/pu/img/5Ayr6LcAPHOHuKKR.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674B) /

Resource Hash

baf4dab284dad79446a8c087f83481f4dfbdd0350c226ae344ffa530a81ece5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 29775
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 81973
x-response-time: 245
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/1 ext_tw_video_thumb/1502842711035981828
last-modified: Sun, 13 Mar 2022 03:01:18 GMT
server: ECS (frb/674B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1d660e6676f39231e6afd096724558581b65c80da74cc99c9698f73a65da340b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 LoKbwacLEHc-I0BU.jpg
pbs.twimg.com/ext_tw_video_thumb/1504472501551730689/pu/img/ 38 KB
38 KB 19ms
18ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1504472501551730689/pu/img/LoKbwacLEHc-I0BU.jpg

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

52117d17da6124b3040ea4e88aed7fd43ed326e7ce1c1fc33d378fbfc95932b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
age: 246215
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 38740
x-response-time: 429
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1504472501551730689
last-modified: Thu, 17 Mar 2022 14:57:30 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 01703b86e5a216d47aa5637feb967bcac7a6d80e2928b86e82a5b99351d8e5da
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Line.png
www.twidouga.net/ko/img/ 393 B
544 B 41ms
40ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.twidouga.net/ko/img/Line.png

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705d44f6494f03613d36e21497fc77bde7b5c29e38bb059c47694d90572d5ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 307149
cf-polished: status=not_needed
cf-bgj: imgq:100,h2pri
vary: Accept-Encoding
content-length: 393
last-modified: Thu, 20 Oct 2016 02:37:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6eee1502ba9d01e7-ZRH
expires: Wed, 23 Mar 2022 22:05:24 GMT

GET
H2 200 Twitter.png
www.twidouga.net/ko/img/ 469 B
559 B 42ms
42ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/Twitter.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7766ef0fc17b54cadce55a16e9a6208091af302475edc15f1f2ce24e149bd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Oct 2016 02:37:00 GMT
server: cloudflare
age: 157582
etag: "3a1dcb-1d5-53f42ccce0b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6eee1502ba9f01e7-ZRH
content-length: 469
cf-bgj: imgq:100,h2pri

GET
H2 200 Facebook.png
www.twidouga.net/ko/img/ 392 B
513 B 46ms
45ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/Facebook.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183dad97a5a4d0deb9ef8de05f399a1f6c93b2ccbfa9370d603dfbcd57355e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2016 16:18:00 GMT
server: cloudflare
age: 157582
etag: "3a1da7-188-53f3a27169e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6eee1502baa001e7-ZRH
content-length: 392
cf-bgj: imgq:100,h2pri

GET
H2 200 Google+.png
www.twidouga.net/ko/img/ 498 B
605 B 43ms
42ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/Google+.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7499db1c527a2ad807c971a3f630ceef7db8ed7337e36ae7142e54a5c33258c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2016 16:18:00 GMT
server: cloudflare
age: 157582
etag: "3a1da8-1f2-53f3a27169e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6eee1502baa201e7-ZRH
content-length: 498
cf-bgj: imgq:100,h2pri

GET
H2 200 Pinterest.png
www.twidouga.net/ko/img/ 627 B
720 B 45ms
45ms Image
image/png 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.twidouga.net/ko/img/Pinterest.png
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b7ddebcf0923f8d0f922132de5b17c4327566d9e11e49dada6486a2812fe64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2016 16:18:00 GMT
server: cloudflare
age: 118861
etag: "3a1dbc-273-53f3a27169e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 6eee1502baa301e7-ZRH
content-length: 627
cf-bgj: imgq:100,h2pri

GET
H2 200 jquery.slim.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 67 KB
24 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.slim.min.js

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45fe0169d7f20adb2f1e63bcf4151971b62f34dbd9bce4f4f002df133bc2b03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23810
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 14:03:48 GMT

GET
H2 404 jquery.lazyload.js
www.twidouga.net/ko/ 0
0 160ms
157ms Script
text/html 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twidouga.net/ko/jquery.lazyload.js

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
cf-ray: 6eee1502ba9101e7-ZRH
vary: Accept-Encoding

GET
H2 404 lazy.js
www.twidouga.net/ko/ 0
0 154ms
152ms Script
text/html 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.twidouga.net/ko/lazy.js

Requested by

Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
cf-ray: 6eee1502ba9301e7-ZRH
vary: Accept-Encoding

GET
H2 200 autoloading.js Show response
www.twidouga.net/ko/js/ 135 KB
50 KB 48ms
46ms Script
application/javascript 2606:4700:10::6816:2255
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.twidouga.net/ko/js/autoloading.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2255 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b252c03fc8a7a43ee656c7db0d8873541f7ccfc229e927efe5128aa6959a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/ko/ranking_tweek2.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2017 15:04:00 GMT
server: cloudflare
age: 157587
etag: W/"3a1ddd-21d56-55e06d03c9800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-polished: origSize=138582
cf-ray: 6eee1502ba9401e7-ZRH
cf-bgj: minify

GET adshow.php
poweredby.jads.co/ Frame 0920 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame AA15 4 KB
2 KB 1079ms
1055ms Document
text/html 185.94.236.245
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=906135
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: ba4fe3c9e72e26dc11c9dcc1a873ef5fa9c42680f4e433bb140e802950bd30d9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/

Response headers

Server: nginx
Date: Sun, 20 Mar 2022 11:24:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET adshow.php
poweredby.jads.co/ Frame E7A1 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 6032 4 KB
2 KB 1193ms
1169ms Document
text/html 185.94.236.245
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=906869
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.245 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 49e19be7025bdeccd3204cf8bdfdf1b82898bfb19d240a041be4dbd776825bc5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/

Response headers

Server: nginx
Date: Sun, 20 Mar 2022 11:24:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET
H2 200 wnload Show response
yfetyg.com/ 0
128 B 54ms
18ms Fetch
application/javascript 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsImQiOiJ0d2lkb3VnYS5uZXQiLCJsaSI6Mn0=&tz=0&if=0
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Mar 2022 11:24:33 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 282 B
432 B 59ms
21ms Fetch
text/plain 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4c509915d89f7bfa3b07ad089740b090efa18a8a860dd604826131a770abc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6eee15056e4d0208-ZRH
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK f5a46f2a-2f13-458c-8e1c-6141e60a0e27
https://www.twidouga.net/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.twidouga.net/f5a46f2a-2f13-458c-8e1c-6141e60a0e27
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
597 B 34ms
6ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 11:29:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 admc
kiynew.com/ 0
0 50ms
13ms Fetch 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kiynew.com/admc?a=2&pid=1116495&sid=1129314&wid=309714&fp=a40795213798a1710979ac4341bac8e5&tz=0
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjExMTY0OTUsInNpZCI6MTEyOTMxNCwid2lkIjozMDk3MTQsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.twidouga.net
date: Sun, 20 Mar 2022 11:24:33 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 0

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 81 KB
30 KB 20ms
6ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 066ef327c5f9febc223724678b1f79ac37d900b4d3325cb448508a10bbffe98b

Request headers

Referer: https://www.twidouga.net/
Origin: https://www.twidouga.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 11:48:41 GMT
server: nginx/1.18.0
etag: W/"62347199-142ca"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 11:29:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ 826 B
614 B 43ms
7ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c81116be53710da502b39b0c977bae3077f3ec4bc77ced99bd0126bec332ecc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Mar 2022 11:24:33 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
237 B 6ms
6ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 11:29:33 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 track Show response
54ad995902.92291944cd.com/in/ 0
199 B 61ms
31ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://54ad995902.92291944cd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIzNjY3MzU1NDI0OTU2OTQ4NTAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTguMCIsInRhZ19pZCI6NTM4MCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMDUsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MX0=
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:33 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 24 KB
6 KB 198ms
7ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 07:44:44 GMT
server: nginx/1.18.0
etag: W/"61fa366c-6155"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 11:29:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.m.js Show response
js.cabnnr.com/banner-admanager/ 29 KB
12 KB 29ms
6ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f02f14d6675ede42f9332cad2494dec4c23cf549baf7ef7baec603b4735560e9

Request headers

Referer: https://www.twidouga.net/
Origin: https://www.twidouga.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:33 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2022 08:06:12 GMT
server: nginx/1.18.0
etag: W/"6232ebf4-7394"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 20 Mar 2022 11:29:33 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 jsk Show response
aladdin.genieesspv.jp/yie/ld/ 7 KB
3 KB 797ms
268ms Script
text/javascript 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1239601&cb=2801071432&charset=UTF-8&loc=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_tweek2.php&sw=1200&sh=1600&topframe=1
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: d19f7be2f5b093ea9302e84fc017e285aae87c5496aebf68cb7735cc1837bcd0

Request headers

Referer: https://www.twidouga.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:34 GMT
content-encoding: gzip
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 94ms
13ms Script
text/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by: Host: js.gsspcln.jp
URL: https://js.gsspcln.jp/t/239/601/a1239601.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Mar 2022 11:24:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 445

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00::210:bb90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c28cc2edb12eba8097fa6c3af9b6fde903c004b5323e0384ef9ea3fe3007ff0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ej6tzr9Q13Pq_CME5x7dhAYcGvJzyFf.
Content-Encoding: gzip
Last-Modified: Thu, 03 Mar 2022 06:47:38 GMT
ETag: "ce3ab9458b20a5f0b4b74dbdbcba832d"
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
Date: Sun, 20 Mar 2022 11:24:33 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2341

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 28 B
202 B 282ms
248ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01FYKH4R9XMGYN26VX4PDGQNJ8
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 71091b69fd4123d7a15b11bd04c1e3bc4b16f6259ad34635d87432ef39cb0cf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.twidouga.net
date: Sun, 20 Mar 2022 11:24:34 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28
content-type: application/json

GET
H2 200 ad1810105-1645466047.jpg
i.jads.co/ads/user156477/ Frame AA15 32 KB
32 KB 53ms
11ms Image
image/jpeg 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/ads/user156477/ad1810105-1645466047.jpg
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=906135
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 1779b74c852c6e9283d7cfc31f4ff56908667c49faa601cbca2872861f9dba85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:34 GMT
last-modified: Mon, 21 Feb 2022 17:54:07 GMT
etag: "1645466047"
x-hw: 1647775474.dop130.fr8.t,1647775474.cds247.fr8.hn,1647775474.cds145.fr8.c
content-type: image/jpeg
cache-control: max-age=29226634
accept-ranges: bytes
content-length: 32988

GET
H/1.1 200
OK 5496d364-aa38-44ef-a23d-88514ef26641 Show response
r.trwl1.com/s1/ Frame 67D8 749 B
1 KB 50ms
15ms Document
text/html 185.98.53.17
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.trwl1.com/s1/5496d364-aa38-44ef-a23d-88514ef26641?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=DE&cv3=161749&cv4=263919&cv5=906869&cv6=
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=906869
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.98.53.17 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 63367b55f7c2f98c3a468897d2f5aea8593a44dde60a9385e1d1b83280b11a69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/

Response headers

Server: nginx/1.20.1
Date: Sun, 20 Mar 2022 11:24:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 749
Connection: close
X-Request-Id: ca752aac-8e4f-498a-a3de-9955abf3c5ce

GET
H2 200 300x250.html Show response
static.javhd.com/h5/files/15533/ Frame 1FC7 3 KB
1 KB 1222ms
14ms Document
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Requested by: Host: r.trwl1.com
URL: https://r.trwl1.com/s1/5496d364-aa38-44ef-a23d-88514ef26641?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=DE&cv3=161749&cv4=263919&cv5=906869&cv6=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c5aad99d7353d4736be097c43af1b690b022ce52139d755450dc501a2d64a3c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://r.trwl1.com/

Response headers

date: Sun, 20 Mar 2022 11:24:35 GMT
content-type: text/html
last-modified: Mon, 07 Feb 2022 07:41:38 GMT
etag: W/"6200cd32-c86"
expires: Thu, 14 Apr 2022 21:18:17 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1649971097
server: CDN77-Turbo
x-77-nzt: Abk73BAb1jX/WgwGAA
x-77-nzt-ray: S4FZQIzPXlQ
x-cache: HIT
x-age: 396378
x-77-pop: frankfurtDE
x-77-cache: HIT
content-encoding: br

GET
H2 200 inview.20190130.min.js Show response
js.gsspcln.jp/j/ 5 KB
2 KB 271ms
270ms Script
application/javascript 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/j/inview.20190130.min.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:34 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 06:15:01 GMT
server: nginx
etag: W/"5c650765-13cd"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Mar 2023 11:24:34 GMT

GET
H2 200 pu-jq.js Show response
js.octopuspop.com/ 17 KB
7 KB 79ms
14ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://js.octopuspop.com/pu-jq.js
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: c921800fd0413d77efe1cad883b5d50d248aaa245358ebb3b0fd089d00a661fa

Request headers

Referer: https://www.twidouga.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 20 Mar 2022 11:24:34 GMT
content-encoding: br
cdn-edgestorageid: 883
x-amz-request-id: TPBM29F2ZDYA3WN6
cdn-cachedat: 03/10/2022 13:34:30
cdn-pullzone: 96923
x-amz-id-2: 9cLRadrMYjrouj0WBOT86x5HTP3xfOEmDHY+TJ/wfxu+ijPWa9jkGy4gmt7xciFUdkQA9ah7NMg=
server: BunnyCDN-AMS1-879
last-modified: Fri, 25 Feb 2022 08:16:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ecd23b8d1c4e5b5ea32d91d26fb75dca"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
cache-control: public, max-age=2592000
cdn-requestid: aadb76f0764cc2dd221ccc93e7ca6657
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gl2
aladdin.genieesspv.jp/yie/ld/ 43 B
245 B 250ms
250ms Image
image/gif 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aladdin.genieesspv.jp/yie/ld/gl2?zid=1239601&asid=8607405&idx=0&cb=30c2a57256&l=rQVUW3IS8OGjblRpwbvmGvAo1Sk9b75Teuq8LQagSHyI6PX63NYLgnRYegbFaS6Mc5EeaRsZb_tgliRa_fbBwM9p5aPbV28rvvojQJbCGAiBOMdjKcD8ZpcJPpzpyeVvMlz57cKG-kafw_pVPsM7gJSiADXby3KFrAet5_SwDPtNzt_DDRn-Zqw0eLW8ij9zwZH-OMnqplOj_EVcKHoHLgmvvYmfnXwwA00xBVHONxTDN6DvTLo1jdaFfIyh3y9O5PekPk_kmtn2SdX6s0vpwQ51ymn0meYDl5WKrU_syq3DL6Z6qscWW4FmMdc1SjUFu3nBMyunPG4N9gSq8IPmc-f_IzZMbk0ipCC6TEMTwqsmCqx4qlhYs6bCmDo7xPpvcL2HRquhF7TIXiDLqB3p_K6qYyAf5C8zFFSwxC25E2YXnBDfYST844WntIxtk9XBttN8mYhSXvcW7kTzDewlZUnfvPgQ8lEsp3vec16VcCwYnnSXsxilgaLg18mGs0ZwrGdHlSNh-eIRqLAkhAhuRdZ4-nFmALLr1RpiDZ96iaRoVHcFZgnE9r7qQ213_PGYCdut554SWOeUv0tmzXRJ3jQKJdRRACsTr-r3300BQ5ZEhozRVJuYZYwS3d316yec26y41u0TTB0
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:34 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

gcs
rt.gsspat.jp/yie/ld/
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=1
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp
https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adPHOfb_GwjlBT4q-NeiNF2pG4hDQQfD31-SlYiTjvGY72bungnLmrA0i5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=

43 B
249 B

788ms
260ms

Image
image/gif

222.230.178.21
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adPHOfb_GwjlBT4q-NeiNF2pG4hDQQfD31-SlYiTjvGY72bungnLmrA0i5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Server: 222.230.178.21 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:36 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
location: //rt.gsspat.jp/yie/ld/gcs?v=WAs0ex4iHFQFHErSnn_adPHOfb_GwjlBT4q-NeiNF2pG4hDQQfD31-SlYiTjvGY72bungnLmrA0i5VvCEmp4TeqTWX96GQvan6Tsc9WO6s0=
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=ISO-8859-1
content-length: 1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

push_sync
bypass.ad-stir.com/
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=1
https://bypass.ad-stir.com/push_sync?xid=12345

35 B
182 B

942ms
231ms

Image
image/gif

52.69.206.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.ad-stir.com/push_sync?xid=12345
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: HTTP/1.1
Server: 52.69.206.159 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-206-159.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 20 Mar 2022 11:24:36 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

location: https://bypass.ad-stir.com/push_sync?xid=12345
date: Sun, 20 Mar 2022 11:24:35 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-type: application/octet-stream
p3p: CUR ADM OUR NOR STA NID

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 35ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: js.octopuspop.com
URL: https://js.octopuspop.com/pu-jq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1647775474.dop158.fr8.t,1647775474.cds243.fr8.hn,1647775474.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 ls.html Show response
js.octopuspop.com/view/ Frame 215B 1 KB
1 KB 15ms
15ms Document
text/html 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://js.octopuspop.com/view/ls.html
Requested by: Host: js.octopuspop.com
URL: https://js.octopuspop.com/pu-jq.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 926a6b056e2327668477b0e0879783844a326955121cc69d9ba5f4ede4d4fd6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/

Response headers

date: Sun, 20 Mar 2022 11:24:34 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-AMS1-879
cdn-pullzone: 96923
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
cdn-requestcountrycode: DE
cache-control: public, max-age=2592000
etag: W/"edfc2e8968bce09f9e7feef6ced5f59a"
last-modified: Tue, 15 Sep 2020 07:54:15 GMT
x-amz-id-2: A+xGm/LFJhqd/oItnQY2Yz+xcq/wyw0sYg/UAnIFQG3f6ESdl6wY5YkYDSLhBrf0jVi1IyE4ueU=
x-amz-request-id: E0JHYEBWYEDA576R
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/14/2022 16:02:57
cdn-edgestorageid: 883
cdn-status: 200
cdn-requestid: 149caf7ad67d4dd44ac59fc6bda22433
cdn-cache: HIT
content-encoding: br

OPTIONS
H/1.1 204
No Content /
ap.octopuspop.com/deliver/ Frame 0
0 951ms
231ms Preflight 13.114.113.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.octopuspop.com/deliver/?_spot=41983&_uid=&_iphone_type=&_ver=1647775475059
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.113.27 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-113-27.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://www.twidouga.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Access-Control-Allow-Method: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.twidouga.net
Date: Sun, 20 Mar 2022 11:24:35 GMT
Server: nginx
Connection: keep-alive

POST
H/1.1 200
OK / Show response
ap.octopuspop.com/deliver/ 393 B
1 KB 1011ms
282ms XHR
application/json 13.114.113.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.octopuspop.com/deliver/?_spot=41983&_uid=&_iphone_type=&_ver=1647775475059
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.113.27 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-113-27.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8e7675bd0f733d0529a04747f1fce304f781b0cb90ce197a59d83529d9313ae6

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.twidouga.net/
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 20 Mar 2022 11:24:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin: https://www.twidouga.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Headers: Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Content-Length: 245
Access-Control-Allow-Method: GET, POST, OPTIONS

GET
H2 200 style.css
static.javhd.com/h5/files/css/ Frame 1FC7 2 KB
805 B 14ms
13ms Stylesheet
text/css 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.javhd.com/h5/files/css/style.css
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
content-encoding: br
x-77-nzt-ray: swqSlLlQPQg
x-77-cache: HIT
x-cache: HIT
x-age: 25049982
x-77-nzt: Abk73BBDQ+n/fjt+AQ
x-accel-expires: @1654261493
last-modified: Wed, 25 May 2016 08:29:12 GMT
server: CDN77-Turbo
etag: W/"57456258-7bd"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 03 Jun 2022 13:04:53 GMT

GET
H2 200 1008-overlay-preview.png
static.javhd.com/h5/files/overlay/ Frame 1FC7 2 KB
2 KB 14ms
14ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.javhd.com/h5/files/overlay/1008-overlay-preview.png
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: HRnpzZ03e3w
x-77-cache: HIT
x-cache: HIT
x-age: 25049981
content-length: 1688
x-77-nzt: Abk73BDB/ub/fTt+AQ
x-accel-expires: @1654261494
last-modified: Wed, 28 Nov 2018 13:40:15 GMT
server: CDN77-Turbo
etag: "5bfe9abf-698"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 13:04:54 GMT

GET
H2 200 1008-overlay.gif
static.javhd.com/h5/files/overlay/ Frame 1FC7 4 KB
4 KB 14ms
14ms Image
image/gif 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.javhd.com/h5/files/overlay/1008-overlay.gif
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: GZjsfuS+3io
x-77-cache: HIT
x-cache: HIT
x-age: 25049981
content-length: 4146
x-77-nzt: Abk73BBnXKb/fTt+AQ
x-accel-expires: @1654261494
last-modified: Wed, 28 Nov 2018 13:42:51 GMT
server: CDN77-Turbo
etag: "5bfe9b5b-1032"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 13:04:54 GMT

GET
H2 200 29-button.png
static.javhd.com/h5/files/button/ Frame 1FC7 733 B
1 KB 14ms
14ms Image
image/png 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.javhd.com/h5/files/button/29-button.png
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: ATXAqyGT51Q
x-77-cache: HIT
x-cache: HIT
x-age: 25049981
content-length: 733
x-77-nzt: Abk73BBkLvz/fTt+AQ
x-accel-expires: @1654261494
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
server: CDN77-Turbo
etag: "56799952-2dd"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jun 2022 13:04:54 GMT

GET
H2 206 2317-18818-300x250.medium.mp4
static.javhd.com/h5/files/video/ Frame 1FC7 32 KB
0 19ms
18ms Media
video/mp4 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.javhd.com/h5/files/video/2317-18818-300x250.medium.mp4
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: K5PVdZYb5+M
x-77-cache: HIT
Content-Range: bytes 0-636817/636818
x-cache: HIT
x-age: 3408
Content-Length: 636818
x-77-nzt: Abk73BBXOwP/UA0AAA
x-accel-expires: @1647858467
last-modified: Mon, 07 Feb 2022 07:41:37 GMT
server: CDN77-Turbo
etag: "6200cd31-9b792"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 08 Feb 2022 10:11:09 GMT

GET
H2 206 2317-18818-300x250.medium.mp4
static.javhd.com/h5/files/video/ Frame 1FC7 14 KB
14 KB 25ms
24ms Media
video/mp4 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.javhd.com/h5/files/video/2317-18818-300x250.medium.mp4
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7ddf79cb4a49f3fd48d50000dc62d5d5714e5e70abb67bdef3d4f13318c0dfc3

Request headers

Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=622592-

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: FlZPky4GudE
x-77-cache: HIT
Content-Range: bytes 622592-636817/636818
x-cache: HIT
x-age: 3408
Content-Length: 14226
x-77-nzt: Abk73BBcq37/UA0AAA
x-accel-expires: @1647858467
last-modified: Mon, 07 Feb 2022 07:41:37 GMT
server: CDN77-Turbo
etag: "6200cd31-9b792"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 08 Feb 2022 10:11:09 GMT

GET
H2 206 2317-18818-300x250.medium.mp4
static.javhd.com/h5/files/video/ Frame 1FC7 576 KB
0 14ms
13ms Media
video/mp4 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.javhd.com/h5/files/video/2317-18818-300x250.medium.mp4
Requested by: Host: static.javhd.com
URL: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer: https://static.javhd.com/h5/files/15533/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fc0129e89-2ca3-4457-a7bb-01a82b7caa86%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DDE%26cv3%3D161749%26cv4%3D263919%26cv5%3D906869%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzY3NDgsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIzNjA2fQ
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=32768-

Response headers

x-77-pop: frankfurtDE
date: Sun, 20 Mar 2022 11:24:35 GMT
x-77-nzt-ray: 8M3GYXY86Uo
x-77-cache: HIT
Content-Range: bytes 32768-636817/636818
x-cache: HIT
x-age: 3408
Content-Length: 604050
x-77-nzt: Abk73BCUJ3b/UA0AAA
x-accel-expires: @1647858467
last-modified: Mon, 07 Feb 2022 07:41:37 GMT
server: CDN77-Turbo
etag: "6200cd31-9b792"
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 08 Feb 2022 10:11:09 GMT

GET
H2 200 rtct_adp_lib.20200515.min.js Show response
js.gsspcln.jp/j/ 16 KB
6 KB 271ms
270ms Script
application/javascript 222.230.178.132
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1239601
Requested by: Host: www.twidouga.net
URL: https://www.twidouga.net/ko/ranking_tweek2.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.132 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: 7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:36 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 07:57:55 GMT
server: nginx
etag: W/"61d6a103-411a"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Mar 2023 11:24:36 GMT

GET
H2 200 cic
aladdin.genieesspv.jp/yie/ld/ 43 B
239 B 252ms
251ms Image
image/gif 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aladdin.genieesspv.jp/yie/ld/cic?cik=sRI3jucjB77l-O0TLDdfILJJvDD5WoQ72_48bABvgh5fo2MugLWUSMRju42dXIqd0JhktvXP7RTz63QzPXKDo1zD1Uw&noas=8607405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Karasawa, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:36 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ls Show response
stream.bantgoau.com/yt/ Frame D050
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJ0eXBlIjoicG9wIiwiaWR6b25lIjpudWxsLCJhZF90YWdzIjoiIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiI...
https://rtbbnr.com/banner/in/show/?mid=197363218&pid=0&site=11878&sc=DE&usage_type=DCH&subid=513663018&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8...
https://tcimp.zog.link/in/banners?katds_ep=Gh6BbgK5QWkaA9SO2Hn5KTFGCh5kb3SNQizI7T4YEWmDV5pP1MzKdAt0k7-H69rRaJc3wuz-EllEYLgs1HrYmGFjWSoKCQLN0UP9CYbeIri1pUr2Kthbfuzg5iPYEwMPx_BzstEk5llWSVpQN7ZDcblWOT...
https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14&ts=1647775476
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...

8 KB
4 KB

104ms
58ms

Document
text/html

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a18a01b6fe6a3f21ee4be3470c26872335957bafa5110f1190e26f4f80940e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BB0rFMfL%2Fgx9HiLAwgIntX5DVch4bNgKDf3dOcO8s1ah3c22RKZ3eL%2B2ZgyLuEGjm37zkiLa2V%2F%2FmZ0O3nyRGiw8EKhjQQkyb7sMcufkWfjjzqSfxhPcPlJ6XJ3WdNBeToTfvCVb7NGTg4I%2FzcAPt7t3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6eee151b4a7b59bf-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx/1.17.2
date: Sun, 20 Mar 2022 11:24:36 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 banner.css
js.octopuspop.com/css/ 2 KB
1 KB 15ms
15ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://js.octopuspop.com/css/banner.css
Requested by: Host: js.octopuspop.com
URL: https://js.octopuspop.com/pu-jq.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: bff793701e9f2531613716f16f18e148a3c271f53347b26e92bbed137ac7de99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: C09WS2R7HZARYV36
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/10/2022 13:34:33
cdn-pullzone: 96923
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: kItaO79ze6aKaHQHr+Wuk92yMw3bR+8y9RW0xPV/gM+cn9lQGxJ62fdfPP1mJ5Smxzb1D1rUJfI=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 15 Sep 2020 07:57:56 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"b3791490c67b05779233bd5711485e56"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
cache-control: public, max-age=2592000
cdn-requestid: 726484616cc69175068ce6b42ea83b44
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 104694.jpg
static.octopus.tokyo/35445/ 67 KB
68 KB 64ms
19ms Image
image/jpeg 2606:4700::6812:1b68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.octopus.tokyo/35445/104694.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7c5ad2aafe85f1d8c3b2a8b0e59aa343b7fcbac180797f8fb0cacd9e9d16f20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
cf-cache-status: HIT
age: 208629
cf-ray: 6eee151bb9f801e3-ZRH
last-modified: Fri, 25 Feb 2022 09:52:19 GMT
content-length: 68862
x-amz-id-2: 1zfHdlZtYMziAWr7uggqDDcmcTsfIlXS8aAaEMPSQlbdWPHFwf5+Y1aksx6dK8P9uSriF25mVY4=
cf-bgj: h2pri
server: cloudflare
etag: "b63aec83ef1657a9f44b0ee63b3e8ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: M09NFBKEYKT082QM
cache-control: public, max-age=2678400
x-amz-version-id: BrxAecBAVM5Wumu7qxM9EAlJQg6Vd.AG
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 20 Apr 2022 11:24:37 GMT

GET
H/1.1 200
OK /
ap.octopuspop.com/view/ 43 B
891 B 247ms
247ms Image
image/gif 13.114.113.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.octopuspop.com/view/?_spot=41983&_ad=35445&_article=104694&_beacon=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.113.27 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-113-27.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.twidouga.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Mar 2022 11:24:37 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Cookie, Content-Type, Origin, User-Agent, Cache-Control, Keep-Alive, X-Requested-With, Accept, Accept-Encoding, Accept-Language, Connection, Content-Length, Host, Referer, Pragma
Content-Length: 43
Access-Control-Allow-Method: GET, POST, OPTIONS

GET
H2 200 ff159683dbce452dbc41714cc48a496d4bb58468-b.js Show response
stream.bantgoau.com/files/ytls/ Frame D050 2 MB
655 KB 40ms
40ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:23:05 GMT
server: cloudflare
age: 1508
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpsGmSZ%2B%2BU%2F9o8xJXCdjTWRvlX6%2FfD1AfqQzkTXbHojZwLVcMennHzjALJfvh65OyxBvtylHmgKSQBpd%2FLgRSjiFiSCtc7EgIYVdV01UAXD9Ctc5AbqFd9Nk4sB83E3GQio4pX7Csog2zMaox2TcLw6D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6eee151bbbb059bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame D050 39 KB
39 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 09:22:41 GMT
x-content-type-options: nosniff
age: 7316
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Mar 2022 05:22:33 GMT

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame D050 2 B
229 B 54ms
15ms XHR
application/json 2a02:128:7:4860::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14&type=impression&g_referer=https://www.twidouga.net
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Mar 2022 11:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

GET
H3 200 ff159683dbce452dbc41714cc48a496d4bb58468-v.js Show response
stream.bantgoau.com/files/ytls/ Frame 8BD1 151 KB
57 KB 46ms
46ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Feb 2022 13:22:57 GMT
server: cloudflare
age: 1212
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oTikAbGycmDQx0kxOxYHMQieN0ptxznM4zjxezzdRgPCtAfI6PHfxHEFhNXhLdGG%2BCi1ehPp29NG9VFaCwat%2B325rOQNWLOjKV3lWkQYf58a5VtYrT4BJfNULC2D1qT7euSW3tHEVkvkGDrD2AfrqvA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6eee1520080c83a0-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 opt_mini.png
js.octopuspop.com/image/ 1 KB
2 KB 19ms
18ms Image
image/png 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.octopuspop.com/image/opt_mini.png
Requested by: Host: js.octopuspop.com
URL: https://js.octopuspop.com/css/banner.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 49dbe5def4f22a2260cb0533b488e2ba02cc540385d150dea60118e110b076b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.octopuspop.com/css/banner.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:37 GMT
cdn-edgestorageid: 883
x-amz-request-id: C09TZ1SXJ87P92ZX
cdn-cachedat: 03/10/2022 13:34:34
cdn-pullzone: 96923
content-length: 1451
x-amz-id-2: u67KUDrQdVNTNgzT5r1Jh/bxiLC7kv+mpmXVltA7gikibvx4HR/JnruxCQeS2cY3v2AQ6jh1W8M=
server: BunnyCDN-AMS1-879
last-modified: Tue, 15 Sep 2020 07:54:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "5ac5394b6ca5010b9ebcce9846ddd037"
content-type: image/png
cdn-cache: HIT
cdn-uid: 992570b6-4484-4f25-abcf-0615ee0f47cb
cache-control: public, max-age=2592000
cdn-requestid: 64be05e74b87f46ba3e707a7f4c8f969
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 url Show response
www.google.com/ Frame DEEA 603 B
1 KB 59ms
36ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/9ihCdzcvlec%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Requested by

Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

238b6969605c829cdac0493e5fb04b426e4d95eb24ddfac4457b237bec787ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/

Response headers

location: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
bfcache-opt-in: unload
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Sun, 20 Mar 2022 11:24:38 GMT
server: gws
content-length: 603
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:24:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9ihCdzcvlec Show response
www.youtube.com/embed/ Frame DEEA 61 KB
27 KB 82ms
59ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Requested by

Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/9ihCdzcvlec%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18498ab7f85ab89d58d1de20cd27690cb571258b0b9b1847afad408da4805800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Mar 2022 11:24:38 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player.css
www.youtube.com/s/player/577098c0/ Frame DEEA 338 KB
46 KB 25ms
10ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47168
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/577098c0/www-embed-player.vflset/ Frame DEEA 280 KB
86 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88175
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame DEEA 2 MB
524 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6117cce9a5c9be508a185bf3a3d87b342defac6f4847e589290d6cc26095582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536820
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:53 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/ Frame DEEA 9 KB
3 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DEEA 15 KB
16 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 432393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DEEA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
15ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3247e326269073d422dc779f486a029ee3adb4542909f87a5e88b07065fab54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Mar 2022 11:24:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DEEA 29 B
587 B 30ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:23:13 GMT
x-content-type-options: nosniff
age: 85
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Mar 2022 11:38:13 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 44ms
15ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 20 Mar 2022 11:24:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DEEA 45 KB
22 KB 38ms
22ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c5a18c4c14f163bf678ba5e85a476fed1d81c8b2aebfa3e6271c14ea68326e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 20 Mar 2022 11:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22622
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame DEEA 43 KB
18 KB 85ms
85ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ff1783512f35ef0d322291dc252e665ab6d16e4b06a6f1f392d7d989602f5dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220316.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Goog-Visitor-Id: CgtvRnNoUWlJUktaZyj2ndyRBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 20 Mar 2022 11:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18572
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:24:38 GMT

GET
H3 200 MKcwde2W9EpBjeUz-X8Qp_8IcWz9bCTkaBfeh4Am-J4.js Show response
www.google.com/js/th/ Frame DEEA 36 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/MKcwde2W9EpBjeUz-X8Qp_8IcWz9bCTkaBfeh4Am-J4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a73075ed96f44a418de533f97f10a7ff08716cfd6c24e46817de878026f89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 18:08:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame DEEA 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6088be74a556ff4b78944a782ec9ca019491945dc9b64d38a6122fea50acf335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8122
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:26:01 GMT

GET
DATA 200
OK truncated
/ Frame DEEA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sHKeOOhJ2FASECoKCvmZGF_eMcOXfoy2xiHW7qjsWSTXh73obsTdWjgyJYG5FfUafpdIDACNVg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame DEEA 6 KB
6 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/sHKeOOhJ2FASECoKCvmZGF_eMcOXfoy2xiHW7qjsWSTXh73obsTdWjgyJYG5FfUafpdIDACNVg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

46e89f81e6b87f3fb1aeb437a1152de28a3efc09bc3cd0263d9613639192b5f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 10:18:56 GMT
x-content-type-options: nosniff
age: 3942
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6080
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 21 Mar 2022 02:18:53 GMT

GET
DATA 200
OK truncated
/ Frame DEEA 181 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame DEEA 0
19 B 15ms
15ms Ping
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=140&cpn=VFqZCcMCZ0OhuDVH&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24168749%2C24169726%2C24180015%2C24180220%2C24182568&cl=435176501&live=live&seq=1&docid=9ihCdzcvlec&ei=9g43YtavMMyD8gPBoKDAAw&event=streamingstats&plid=AAXapKAVs4rm1KVq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=99.0.4844.51&c=WEB_EMBEDDED_PLAYER&cver=1.20220316.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.103:S,0.108:S,0.108:S&cmt=0.007:0.000,0.103:0.000,0.108:0.000&afs=0.108:140::i&vfs=0.108:243:243::r&view=0.108:1:1&bwe=0.108:130000&bat=0.108:1:1&vis=0.108:0&bh=0.108:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame DEEA 119 KB
37 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d69c9b4e079942d62c4588b87d1193c0fadd8b6018ca1760eccbe0255cc953eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37891
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:53 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame DEEA 26 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7411de17d9439212c91771dd317712b2e778226671afa62a04ee0f181d719ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:27:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7250
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:27:15 GMT

GET
H3 200 heartbeat.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame DEEA 26 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/heartbeat.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a657854aa9e2c4ee2586eec5a97695610f82034975093f96822d0c4a81dbd4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 240704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9163
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:32:54 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame DEEA 29 KB
5 KB 261ms
260ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ff1f2a2341ed0d3d086a681407b413d93a00470c6530bd3b41fae80c4653699e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20220316.01.00
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
X-Goog-Visitor-Id: CgtvRnNoUWlJUktaZyj2ndyRBg%3D%3D
Content-Type: application/json

Response headers

date: Sun, 20 Mar 2022 11:24:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5053
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame DEEA 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?mnwWMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DEEA 4 KB
3 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H/1.1 200
OK videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 146 KB
147 KB 469ms
330ms XHR
video/webm 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAPASneZFfljlj1VbfDejdNaUoWn8QKVXGnTVljJXN0BxAiEAnrawDvxgQqWi6Q7rrCLdZ0P3tN3WngxBVAOpjxXBe8U%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&headm=3&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8efbc8b98ca7393333685c64bc528fde06e0e3cd0bf977c04856d7d57f45fe42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Sequence-Num: 814
Date: Sun, 20 Mar 2022 11:24:39 GMT
X-Content-Type-Options: nosniff
X-Segment-Lmt: 1647773849322136
X-Bandwidth-Est: 3085305
X-Bandwidth-App-Limited: false
Cross-Origin-Resource-Policy: cross-origin
X-Bandwidth-Est2: 1007506
Connection: keep-alive
X-Walltime-Ms: 1647775479468
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 149051
X-Bandwidth-Est3: 1817304
Pragma: no-cache
X-Bandwidth-Est-Comp: 1007506
Last-Modified: Sun, 20 Mar 2022 10:57:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 1633
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 817
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Head-Time-Millis: 1633333
X-Bandwidth-Est-App-Limited: false
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 41 KB
43 KB 443ms
304ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&headm=3&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3e35d1d76096df66db736a677890a77b6c9e532f3488d8f377b49e378f73a154

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-Sequence-Num: 814
Date: Sun, 20 Mar 2022 11:24:39 GMT
X-Content-Type-Options: nosniff
X-Segment-Lmt: 1647773849322127
X-Bandwidth-Est: 3064434
X-Bandwidth-App-Limited: false
Cross-Origin-Resource-Policy: cross-origin
X-Bandwidth-Est2: 1001824
Connection: keep-alive
X-Walltime-Ms: 1647775479432
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 42352
X-Bandwidth-Est3: 1218493
Pragma: no-cache
X-Bandwidth-Est-Comp: 1001824
Last-Modified: Sun, 20 Mar 2022 10:57:29 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/mp4
Access-Control-Allow-Origin: https://www.youtube.com
X-Head-Time-Sec: 1633
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Head-Seqnum: 817
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Head-Time-Millis: 1633333
X-Bandwidth-Est-App-Limited: false
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DEEA 98 B
142 B 19ms
19ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28b5fd315e50b9b7e8f51fba8604988b215480a34904697f594015950bf7d181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 20 Mar 2022 11:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
16ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Origin: https://www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.youtube.com
vary: origin referer x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 20 Mar 2022 11:24:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/99/ Frame DEEA 53 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/99/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 06:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15479
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 16:05:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 21 Mar 2022 06:40:56 GMT

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 151 KB
151 KB 18ms
8ms XHR
video/webm 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

debc8888fe279a13e621077ad4cc78d3a8d48bef76414afafaf1d80337c51dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 815
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322154
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 814952
x-walltime-ms: 1647775479557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154557
x-bandwidth-est3: 1817304
x-bandwidth-est-comp: 814952
client-protocol: quic
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 817
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 144 KB
144 KB 40ms
33ms XHR
video/webm 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

99b8eb0f1e06eb14188cf438ce41531bb22012b46e8741e40a4b03f1c25f485d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 816
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322168
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 814952
x-walltime-ms: 1647775479557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147844
x-bandwidth-est3: 1817304
x-bandwidth-est-comp: 814952
client-protocol: quic
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 817
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 41 KB
41 KB 30ms
23ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=815&rn=5&rbuf=1897&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ed98dd4032f4f73935e97b88d42f3cedb72af7b2107614bbf7170b42a6a30933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 815
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322141
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 814952
x-walltime-ms: 1647775479557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42349
x-bandwidth-est3: 1218493
x-bandwidth-est-comp: 814952
client-protocol: quic
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 817
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 41 KB
41 KB 19ms
13ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=816&rn=6&rbuf=3897&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9625950c70abffafa946536a6a8f553a549e3b3630455b862b1ebbda47cee883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 816
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322155
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 814952
x-walltime-ms: 1647775479557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42081
x-bandwidth-est3: 1218493
x-bandwidth-est-comp: 814952
client-protocol: quic
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
x-head-seqnum: 817
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
expires: Sun, 20 Mar 2022 11:24:39 GMT

GET
H3 204 playback
www.youtube.com/api/stats/ Frame DEEA 0
17 B 16ms
15ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=VFqZCcMCZ0OhuDVH&ver=2&cmt=1627.492&fmt=243&fs=0&rt=0.876&euri=https%3A%2F%2Fwww.google.com%2F&lact=903&live=live&cl=435176501&mos=1&volume=100&cbr=Chrome&cbrver=99.0.4844.51&c=WEB_EMBEDDED_PLAYER&cver=1.20220316.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=EMBEDDED_PLAYER_MODE_DEFAULT&delay=5&hl=de_DE&cr=DE&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24168749%2C24169726%2C24180015%2C24180220%2C24182568&rtn=10&afmt=140&lio=1647773844.788&size=1%3A1&inview=0&muted=1&docid=9ihCdzcvlec&ei=9g43YtavMMyD8gPBoKDAAw&plid=AAXapKAVs4rm1KVq&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDNHhhQzl6eXEzbVZlVHpQSkRKYkdWYzJXdHZOUU84bWlNc1hGQ1BibkpNQWJQQVBta0tES0lDTnNRdS1HdjJNZXZMeDZxR1otS0p3SmZqekhvem9lMTBFTHAzcVJnTnluYnhOc29qbXVEWGMzb0ZaeThnR2ZWSXBnNXJ0NkM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame DEEA 0
19 B 15ms
15ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=9ihCdzcvlec&cpn=VFqZCcMCZ0OhuDVH&ei=9g43YtavMMyD8gPBoKDAAw&ptk=youtube_none&pltype=contentugclive

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 208 KB
208 KB 18ms
17ms XHR
video/webm 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

55798fcf28552826447c4a9a3399a5a300a8b0d149ccd0265607d5324ba50b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 817
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322182
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3035064
x-walltime-ms: 1647775479730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 3035064
expires: Sun, 20 Mar 2022 11:24:39 GMT
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1817304
x-head-seqnum: 817
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 111 KB
0 1372ms
1371ms XHR
video/webm 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 818
date: Sun, 20 Mar 2022 11:24:41 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322195
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3035064
x-walltime-ms: 1647775481092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 3035064
expires: Sun, 20 Mar 2022 11:24:41 GMT
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1635
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
x-bandwidth-est3: 1817304
x-head-seqnum: 818
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1635333
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 42 KB
42 KB 24ms
23ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=817&rn=9&rbuf=5778&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b51ca16495cd0adcbbf720fc93b7ce210a797215c7da011b9a900f5a3be56d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 817
date: Sun, 20 Mar 2022 11:24:39 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322169
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3035064
x-walltime-ms: 1647775479736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 3035064
expires: Sun, 20 Mar 2022 11:24:39 GMT
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1633
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
x-bandwidth-est3: 1218493
x-head-seqnum: 817
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1633333
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H3 200 videoplayback Show response
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 41 KB
41 KB 1087ms
1087ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=818&rn=10&rbuf=7778&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f77c27bbf31b4628da5e58e821b1bd368144b40c1d443e364ba620e3a9e4c49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 818
date: Sun, 20 Mar 2022 11:24:40 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322183
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 3035064
x-walltime-ms: 1647775480810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 3035064
expires: Sun, 20 Mar 2022 11:24:40 GMT
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1635
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
x-bandwidth-est3: 1218493
x-head-seqnum: 818
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1635333
x-bandwidth-est-app-limited: false
client-protocol: quic

GET
H2 200 / Show response
vs.bantgoau.com/sts/ Frame 8BD1 2 B
228 B 17ms
17ms XHR
application/json 2a02:128:7:4860::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F9ihCdzcvlec%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60818&p=0.3318&oid=1600413&sp=0.048000&spp=1000&se=impression&vi=9ihCdzcvlec&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1647775476&utm1=tcb&utm2=871096731-1&utm3=195-21720-0&utm4=0-10274290-14&type=view&g_referer=https://www.twidouga.net
Requested by: Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/ff159683dbce452dbc41714cc48a496d4bb58468-v.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://stream.bantgoau.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Mar 2022 11:24:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 2
content-type: application/json

POST
H3 200 heartbeat Show response
www.youtube.com/youtubei/v1/player/ Frame DEEA 3 KB
780 B 27ms
27ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player/heartbeat?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9818b1424bc3f0486e91db8dcf5c595729a0cd821f4d96717dd55381e7a21b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20220316.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtvRnNoUWlJUktaZyj2ndyRBg%3D%3D
X-YouTube-Ad-Signals: dt=1647775478710&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 20 Mar 2022 11:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 756
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:24:40 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DEEA 28 B
54 B 24ms
24ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/9ihCdzcvlec?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version: 1.20220316.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtvRnNoUWlJUktaZyj2ndyRBg%3D%3D
X-YouTube-Ad-Signals: dt=1647775478653&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 20 Mar 2022 11:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:24:40 GMT

GET videoplayback
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 0
0

GET
H3 200 videoplayback
rr1---sn-4g5edndz.googlevideo.com/ Frame DEEA 5 KB
0 1567ms
1567ms XHR
audio/mp4 2a00:1450:4001:1a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAMGq1wVQCDtqlhOd02tPVJRTu7QBLuRWhqVAMVTkcdWTAiAUYzFMAsdy_rhx0jrL9nMm3GKtIXcxDyFwcDfKY5KQcg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=819&rn=12&rbuf=8398&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-sequence-num: 819
date: Sun, 20 Mar 2022 11:24:42 GMT
x-content-type-options: nosniff
x-segment-lmt: 1647773849322197
x-bandwidth-app-limited: false
cross-origin-resource-policy: cross-origin
x-bandwidth-est2: 2709251
x-walltime-ms: 1647775482771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-bandwidth-est-comp: 2709251
expires: Sun, 20 Mar 2022 11:24:42 GMT
last-modified: Sun, 20 Mar 2022 10:57:29 GMT
server: gvs 1.0
vary: Origin
content-type: audio/mp4
access-control-allow-origin: https://www.youtube.com
x-head-time-sec: 1637
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
x-bandwidth-est3: 1218493
x-head-seqnum: 819
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
x-head-time-millis: 1637333
x-bandwidth-est-app-limited: false
client-protocol: quic

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=906135

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=906869

Domain: rr1---sn-4g5edndz.googlevideo.com
URL: https://rr1---sn-4g5edndz.googlevideo.com/videoplayback?expire=1647797078&ei=9g43YtavMMyD8gPBoKDAAw&ip=2001%3Aac8%3A20%3A303%3A%3A203e&id=9ihCdzcvlec.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=oj&mm=44%2C29&mn=sn-4g5edndz%2Csn-4g5e6nsz&ms=lva%2Crdu&mv=m&mvi=1&pl=54&initcwndbps=581250&spc=4ocVC1PDsNZOLxh9-RDie-FY6k8z&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=ZetoIjWvlF1yG_-U0q_uSTAG&gir=yes&mt=1647775468&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=vs1TiYtqxzPPKA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAPASneZFfljlj1VbfDejdNaUoWn8QKVXGnTVljJXN0BxAiEAnrawDvxgQqWi6Q7rrCLdZ0P3tN3WngxBVAOpjxXBe8U%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKaLR-ogBEhbicHOU2TX5v7eMKIXOOQEo1kfS_SLfMCHAiBltTqJh4IG-zooNWOti_eIurVYwPhCdqSWxZilKnUh2g%3D%3D&alr=yes&cpn=VFqZCcMCZ0OhuDVH&cver=1.20220316.01.00&sq=819&rn=11&rbuf=8372&pot=GpsBCm4REfajs98yltaULbdm2MsHwICGfsX1tpGr4fjKzCTB_Yx-rzXA5m-mTYPm2xD1_-vZM86aAj1RcjxnhpiOHSswHmN-6gT2ZSkpb1Rj95u4SV6gMx-TRPN2Zww4f-F4hovmPN8Ejy3R5E46VvMvoBIpATwYQQ4gnhYo9r1rqz0dbVOlPcxBo1nMGyvPO4G4dVRnVF0rnX58A8w=

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.twidouga.net/	1970-01-20 02:26:07	Name: _rce Value: DE
.www.twidouga.net/	1970-01-20 02:26:07	Name: _im_vid Value: 01FYKH4R9XMGYN26VX4PDGQNJ8
.www.twidouga.net/	1970-01-20 03:52:31	Name: _im_uid.3929 Value: h.90314a0e2df484e6
.gssprt.jp/	1970-01-21 03:59:43	Name: gid Value: fbe1ccc629a41e202e2a0f2d4d644375
.gssprt.jp/	1970-01-20 02:26:07	Name: lamp Value: fbe1ccc629a41e202e2a0f2d4d644375
.gsspat.jp/	1970-01-21 03:59:43	Name: gid Value: fbe1ccc629a41e202e2a0f2d4d644375
tcimp.zog.link/	1970-01-20 01:44:21	Name: 750.0 Value: 1
tb.baimgfroggd.site/	1970-01-20 01:44:21	Name: 1816.1600413 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qwO08h_FzH4
.youtube.com/	1970-01-20 06:02:07	Name: VISITOR_INFO1_LIVE Value: oFshQiIRKZg

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pbs.twimg.com/ext_tw_video_thumb/1433387728054353924/pu/img/_Elvwkmk5SF80El3.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.twidouga.net/ko/lazy.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.twidouga.net/ko/jquery.lazyload.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1239601&cb=2801071432&charset=UTF-8&loc=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_tweek2.php&sw=1200&sh=1600&topframe=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1239601&cb=2801071432&charset=UTF-8&loc=https%3A%2F%2Fwww.twidouga.net%2Fko%2Franking_tweek2.php&sw=1200&sh=1600&topframe=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.octopuspop.com/pu-jq.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.octopuspop.com/pu-jq.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

54ad995902.92291944cd.com
ajax.googleapis.com
aladdin.genieesspv.jp
ap.octopuspop.com
audiencedata.im-apps.net
bypass.ad-stir.com
cloudflare.com
code.jquery.com
cs.gssprt.jp
dmp.im-apps.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.jads.co
jnn-pa.googleapis.com
js.cabnnr.com
js.gsspcln.jp
js.juicyads.com
js.octopuspop.com
js.wpadmngr.com
js.wpushsdk.com
kiynew.com
lh3.googleusercontent.com
na.nawpush.com
pbs.twimg.com
poweredby.jads.co
r.trwl1.com
rr1---sn-4g5edndz.googlevideo.com
rt.gsspat.jp
rtbbnr.com
static.doubleclick.net
static.javhd.com
static.octopus.tokyo
stream.bantgoau.com
tb.baimgfroggd.site
tcimp.zog.link
vs.bantgoau.com
www.google.com
www.gstatic.com
www.twidouga.net
www.youtube.com
yfetyg.com
yqmxfz.com
yt3.ggpht.com
poweredby.jads.co
rr1---sn-4g5edndz.googlevideo.com
13.114.113.27
133.186.12.16
185.94.236.245
185.98.53.17
2001:4de0:ac18::1:a:2a
222.230.178.130
222.230.178.132
222.230.178.21
2600:1901:0:e207::
2600:9000:2156:1600:c:dd71:23c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:10::6816:2255
2606:4700::6810:85e5
2606:4700::6812:1b68
2a00:1450:4001:1a::6
2a00:1450:4001:803::2006
2a00:1450:4001:803::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2001
2a01:4f8:252:564d::2
2a02:128:7:4860::2
2a02:128:7:5241::2
2a02:128:7:5917::2
2a02:26f0:6c00::210:bb90
2a02:6ea0:c700::10
2a02:b4a:1:7::9165:1
2a02:b4a:1:7::9274:1
2a06:98c1:3121::7
45.133.44.24
45.133.44.25
52.69.206.159
69.16.175.42
84.17.46.53
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
066ef327c5f9febc223724678b1f79ac37d900b4d3325cb448508a10bbffe98b
107ebc6c82dd48f7d074295301954a000ad7aa7860198a67b5ec05745248661d
1779b74c852c6e9283d7cfc31f4ff56908667c49faa601cbca2872861f9dba85
183dad97a5a4d0deb9ef8de05f399a1f6c93b2ccbfa9370d603dfbcd57355e8a
18498ab7f85ab89d58d1de20cd27690cb571258b0b9b1847afad408da4805800
1a18a01b6fe6a3f21ee4be3470c26872335957bafa5110f1190e26f4f80940e2
1ee453d906f72a453020fe595995032d10f537ffd711ef742ed12d1034e0812d
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
238b6969605c829cdac0493e5fb04b426e4d95eb24ddfac4457b237bec787ab1
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
28b5fd315e50b9b7e8f51fba8604988b215480a34904697f594015950bf7d181
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
2ea6707211a08d985100fce389c6108765b64329ceea7012db687793956c15c6
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
3014146f70c95aba2802185ac6e7550f529877c862a8cd26de2fe8a6da4052cf
30a2dd1dfac59cb0b73dc6b8330f69269143d1f21e3d2af414141df216612a09
30a73075ed96f44a418de533f97f10a7ff08716cfd6c24e46817de878026f89e
3e1e064b6b182afbe948c1f2ffeac927a1044c8d90fe87c29da1737e6788857e
3e2092ae75275f8cc6d68353a6640528ad7655662c1b3c2e95b86982bed71505
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e35d1d76096df66db736a677890a77b6c9e532f3488d8f377b49e378f73a154
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fe0169d7f20adb2f1e63bcf4151971b62f34dbd9bce4f4f002df133bc2b03d
46e89f81e6b87f3fb1aeb437a1152de28a3efc09bc3cd0263d9613639192b5f0
48c148df2b4d8e867c942dfc3a8f4e70836bcc48e0cd493bdb7eae075fa1c669
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49dbe5def4f22a2260cb0533b488e2ba02cc540385d150dea60118e110b076b9
49e19be7025bdeccd3204cf8bdfdf1b82898bfb19d240a041be4dbd776825bc5
4c5a18c4c14f163bf678ba5e85a476fed1d81c8b2aebfa3e6271c14ea68326e2
4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627
52117d17da6124b3040ea4e88aed7fd43ed326e7ce1c1fc33d378fbfc95932b9
55798fcf28552826447c4a9a3399a5a300a8b0d149ccd0265607d5324ba50b38
590287681b71bd6862fe6ac84f1f31659ad1ce48cacdcd2b5f160e503d3d107a
59b252c03fc8a7a43ee656c7db0d8873541f7ccfc229e927efe5128aa6959a1e
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
6088be74a556ff4b78944a782ec9ca019491945dc9b64d38a6122fea50acf335
63367b55f7c2f98c3a468897d2f5aea8593a44dde60a9385e1d1b83280b11a69
647a347b3284577e87852b63003ebf9f5b0f7ba09ad6694c4a5564d65ef4f7f2
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
705d44f6494f03613d36e21497fc77bde7b5c29e38bb059c47694d90572d5ad0
71091b69fd4123d7a15b11bd04c1e3bc4b16f6259ad34635d87432ef39cb0cf3
7411de17d9439212c91771dd317712b2e778226671afa62a04ee0f181d719ec9
7499db1c527a2ad807c971a3f630ceef7db8ed7337e36ae7142e54a5c33258c5
7c5aad99d7353d4736be097c43af1b690b022ce52139d755450dc501a2d64a3c
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7ddf79cb4a49f3fd48d50000dc62d5d5714e5e70abb67bdef3d4f13318c0dfc3
7eee9b40c75a5fef31769f1a3f62e96a3deaf717b7f1d30e48e93145e4513f1f
89b7ddebcf0923f8d0f922132de5b17c4327566d9e11e49dada6486a2812fe64
8e7675bd0f733d0529a04747f1fce304f781b0cb90ce197a59d83529d9313ae6
8efbc8b98ca7393333685c64bc528fde06e0e3cd0bf977c04856d7d57f45fe42
926a6b056e2327668477b0e0879783844a326955121cc69d9ba5f4ede4d4fd6f
9625950c70abffafa946536a6a8f553a549e3b3630455b862b1ebbda47cee883
9818b1424bc3f0486e91db8dcf5c595729a0cd821f4d96717dd55381e7a21b59
9978fe4778a52319f20a2dc4744a173ae6c32ef2d905af9f96cc325162e99a43
99b8eb0f1e06eb14188cf438ce41531bb22012b46e8741e40a4b03f1c25f485d
9a657854aa9e2c4ee2586eec5a97695610f82034975093f96822d0c4a81dbd4e
9a7766ef0fc17b54cadce55a16e9a6208091af302475edc15f1f2ce24e149bd3
9e1dc966d9191c34f0e53d1bbb55e7277c662720f32366a6ed95f4c62477fdc4
9f79258d031b43ce1702c4660872e4405f17dc69fba8b37ce01b8a8ea91fc8bf
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51ca16495cd0adcbbf720fc93b7ce210a797215c7da011b9a900f5a3be56d92
b6e3b8d6bade01b42e0099764550064fb9759495fc66621568952fb5da7c39f1
ba4fe3c9e72e26dc11c9dcc1a873ef5fa9c42680f4e433bb140e802950bd30d9
baf4dab284dad79446a8c087f83481f4dfbdd0350c226ae344ffa530a81ece5d
bfda1a9ca320d6c942a26de1a7a3039f87cb8d39083412fdaea6112c49ae4e21
bff793701e9f2531613716f16f18e148a3c271f53347b26e92bbed137ac7de99
c0b69556717f563da4c13d37dc8e383a4ba218b7e93c66c922f188c071e5ea54
c28cc2edb12eba8097fa6c3af9b6fde903c004b5323e0384ef9ea3fe3007ff0b
c81116be53710da502b39b0c977bae3077f3ec4bc77ced99bd0126bec332ecc7
c921800fd0413d77efe1cad883b5d50d248aaa245358ebb3b0fd089d00a661fa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19f7be2f5b093ea9302e84fc017e285aae87c5496aebf68cb7735cc1837bcd0
d4c509915d89f7bfa3b07ad089740b090efa18a8a860dd604826131a770abc56
d69c9b4e079942d62c4588b87d1193c0fadd8b6018ca1760eccbe0255cc953eb
d76fa7d42e84662cd82b1e9ab8f8c078c33f44865866bd52d685dea366fc1a9a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbdc556177a5b6acc00668e4ab8a956f2941d1c6467ad1cef90baa89b45c598d
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
debc8888fe279a13e621077ad4cc78d3a8d48bef76414afafaf1d80337c51dfc
e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039
e3247e326269073d422dc779f486a029ee3adb4542909f87a5e88b07065fab54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6117cce9a5c9be508a185bf3a3d87b342defac6f4847e589290d6cc26095582
e7c5ad2aafe85f1d8c3b2a8b0e59aa343b7fcbac180797f8fb0cacd9e9d16f20
e88c1f3f41d07370613bc9a97f32dc8c92f3c5ba123c91b5a547df0e3c2420d0
ed98dd4032f4f73935e97b88d42f3cedb72af7b2107614bbf7170b42a6a30933
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f02f14d6675ede42f9332cad2494dec4c23cf549baf7ef7baec603b4735560e9
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738
f75568d334c6a3ef9c8f47a2927445cbf6d1c40344a236922abaa2dc3b3c5e22
f77c27bbf31b4628da5e58e821b1bd368144b40c1d443e364ba620e3a9e4c49d
fc25db678d231bbcc957b309ae879f9e2ed948ca8d615b4cfb26fdd7270df773
ff1783512f35ef0d322291dc252e665ab6d16e4b06a6f1f392d7d989602f5dde
ff1f2a2341ed0d3d086a681407b413d93a00470c6530bd3b41fae80c4653699e

www.twidouga.net Open in urlscan Pro 2606:4700:10::6816:2255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

121 Requests

93 %HTTPS

69 %IPv6

36 Domains

43 Subdomains

36 IPs

5 Countries

3441 kBTransfer

8002 kBSize

10 Cookies

29 Outgoing links

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.twidouga.net Open in urlscan Pro
2606:4700:10::6816:2255 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

93 %
HTTPS

69 %
IPv6

36
Domains

43
Subdomains

36
IPs

5
Countries

3441 kB
Transfer

8002 kB
Size

10
Cookies

121 HTTP transactions
2 data transactions