ilstream.info Open in urlscan Pro
172.67.136.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clck.ru/XdRfV
Effective URL:
https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Submission: On September 18 via manual (September 18th 2021, 8:58:45 am UTC) from RU — Scanned from DE

Summary HTTP 81 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 19 domains to perform 81 HTTP transactions. The main IP is 172.67.136.13, located in United States and belongs to CLOUDFLARENET, US. The main domain is ilstream.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 20th 2020. Valid for: a year.

This is the only time ilstream.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.180.204.221 213.180.204.221	13238 (YANDEX) (YANDEX)
1 1	87.250.251.232 87.250.251.232	13238 (YANDEX) (YANDEX)
6	172.67.136.13 172.67.136.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.69.41 104.21.69.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.74.214 142.250.74.214	15169 (GOOGLE) (GOOGLE)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.156.202.211 185.156.202.211	56388 (AMBER-AS ...) (AMBER-AS ---CLIENTS---)
16	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	31.13.92.10 31.13.92.10	32934 (FACEBOOK) (FACEBOOK)
1	64.58.116.142 64.58.116.142	7979 (SERVERS-COM) (SERVERS-COM)
1	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2	173.194.150.251 173.194.150.251	15169 (GOOGLE) (GOOGLE)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
7	74.125.162.106 74.125.162.106	15169 (GOOGLE) (GOOGLE)
81	20

1 213.180.204.221 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: clck.ru

clck.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.251.232 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: sba.search.yandex.net

sba.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.136.13 (United States)

ASN13335 (CLOUDFLARENET, US)

ilstream.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.69.41 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.214 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.156.202.211 (Belize)

ASN56388 (AMBER-AS ---CLIENTS---, BZ)

m.uttclimber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.10 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-frt3.facebook.com

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.142 (United States)

ASN7979 (SERVERS-COM, US)

c.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.150.251 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s04-in-f11.1e100.net

r5---sn-2gb7sn7z.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.162.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s60-in-f10.1e100.net

r5---sn-4g5ednd7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adskeeper.com jsc.adskeeper.com c.adskeeper.com servicer.adskeeper.com s-img.adskeeper.com cm.adskeeper.com	298 KB
14	youtube-nocookie.com www.youtube-nocookie.com	732 KB
9	googlevideo.com r5---sn-2gb7sn7z.googlevideo.com r5---sn-4g5ednd7.googlevideo.com	791 KB
8	ytimg.com i.ytimg.com	100 KB
6	ilstream.info ilstream.info	38 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com	116 KB
2	youtube.com www.youtube.com	45 KB
2	uttclimber.com m.uttclimber.com	55 KB
2	mgid.com c.mgid.com	1 KB
2	facebook.net connect.facebook.net	69 KB
2	siteswithcontent.com cdn.siteswithcontent.com c.siteswithcontent.com	2 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.com www.google.com	13 KB
1	facebook.com web.facebook.com
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	yandex.net 1 redirects sba.yandex.net	318 B
1	clck.ru 1 redirects clck.ru	392 B
81	19

	Domain	Requested by
14	www.youtube-nocookie.com	www.youtube.com www.youtube-nocookie.com
9	s-img.adskeeper.com	jsc.adskeeper.com
8	i.ytimg.com	ilstream.info
7	r5---sn-4g5ednd7.googlevideo.com	www.youtube-nocookie.com
6	ilstream.info	ilstream.info
4	c.adskeeper.com	jsc.adskeeper.com
4	jsc.adskeeper.com	ilstream.info jsc.adskeeper.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	www.gstatic.com	www.youtube-nocookie.com www.gstatic.com
2	r5---sn-2gb7sn7z.googlevideo.com	www.youtube-nocookie.com
2	servicer.adskeeper.com	jsc.adskeeper.com
2	fonts.gstatic.com	www.youtube-nocookie.com
2	www.youtube.com	ilstream.info www.youtube.com
2	m.uttclimber.com	ilstream.info
2	c.mgid.com	cdn.siteswithcontent.com ilstream.info
2	connect.facebook.net	ilstream.info connect.facebook.net
2	stackpath.bootstrapcdn.com	ilstream.info stackpath.bootstrapcdn.com
2	maxcdn.bootstrapcdn.com	ilstream.info
1	yt3.ggpht.com
1	www.google.com	www.youtube-nocookie.com
1	c.siteswithcontent.com
1	web.facebook.com	connect.facebook.net
1	cdnjs.cloudflare.com	ilstream.info
1	ajax.googleapis.com	ilstream.info
1	cdn.siteswithcontent.com	ilstream.info
1	sba.yandex.net	1 redirects
1	clck.ru	1 redirects
81	27

This site contains links to these domains. Also see Links.

Domain
www.adskeeper.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-20` - `2021-12-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
uttclimber.com R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
siteswithcontent.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh

This page contains 6 frames:

Primary Page: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Frame ID: 90400CE51C6425BD23CAA571BFC18BFA
Requests: 46 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: E32F3B49DF9BB132FA3B525FE5730B5F
Requests: 1 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: 072FC44010B20F6A6B15FB2BC50F1AF9
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
Frame ID: 21495E1962D7D27860FB298E62192FE7
Requests: 32 HTTP requests in this frame

Frame: https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df180506652c065c%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2fed012d60335c%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
Frame ID: FF6D260D29A7EBA56101A24D00E2DEBC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1631955518816509857602
Frame ID: DC1F0FDD1321E758D984F70538EFCBB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Павел Ширшов о движении «Ветераны боевых действий за справедливость»

Page URL History Show full URLs

https://clck.ru/XdRfV HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpy... HTTP 302
https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

20
IPs

5
Countries

2340 kB
Transfer

5233 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.adskeeper.com/ghits/8164859/i/57511976/2/src/2701347968/pp/1/1?h=3TRihAQUYGcliyRM9OPdc0xHfMzkhBxWgi1QvfILbjPxZEgX1TC2E36Ig_DM_5u9&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193534/i/57511976/2/src/2701347968/pp/2/1?h=3TRihAQUYGcliyRM9OPdc0JeqUmksj2LCpo6Mq4-SeXomeK_b_MepJVds2TaOKWv&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164865/i/57511976/2/src/2701347968/pp/3/1?h=3TRihAQUYGcliyRM9OPdc1_CoCNXT2fz9-CTTG3Kbcoj8JjwV5eZsbNFbErS5oXL&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193506/i/57511976/2/src/2701347968/pp/4/1?h=3TRihAQUYGcliyRM9OPdc8K5Sv4t95F7mnfNr8QASJnCDKxfvtQyzFXvdSTAVHTn&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164918/i/57511976/2/src/2701347968/pp/5/1?h=3TRihAQUYGcliyRM9OPdc82B7zbsbv--JQq4OwXKk3Jkv2KH1qoyyQ1rPKPMwCSV&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164912/i/57511976/2/src/2701347968/pp/6/1?h=3TRihAQUYGcliyRM9OPdcyIf_cKFORIM5TEgV3ry05_G_x8xIzETwP-DRqjVm16p&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164898/i/57511978/2/src/2701347968/pp/1/1?h=1-SWLREXuNBRbg3Js10b-TYfvHqV_Lu5JV3ItanYp4pNxq3dJ9jUw9UfWR1QHaMa&rid=9d51c12a-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iCj3VjiGW1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193506/i/57511978/2/src/2701347968/pp/2/1?h=1-SWLREXuNBRbg3Js10b-cK5Sv4t95F7mnfNr8QASJlU79ZTwcVk5x-drSA_wGtS&rid=9d51c12a-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iCj3VjiGW1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clck.ru/XdRfV HTTP 302
https://sba.yandex.net/redirect?url=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&client=clck&sign=56a603908953e95ed280a3fa779e1c3d HTTP 302
https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request eoqKuoGvjpynb3o.html Show response
ilstream.info/white/pavel-ir-ov/
Redirect Chain

https://clck.ru/XdRfV
https://sba.yandex.net/redirect?url=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&client=clck&sign=56a603908953e95ed280a3fa779e1c3d
https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

53 KB
14 KB

1606ms
1563ms

Document
text/html

172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b2418c5e4eebcd34159d3d0889006d974e189b63a78ca9657d2684c24c5c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ilstream.info
:scheme: https
:path: /white/pavel-ir-ov/eoqKuoGvjpynb3o.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400, no-transform
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 18 Sep 2021 08:58:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnw75E9qqGc0pmAn%2FZo3qUF%2BT4onnw1XT2p62%2FNMak9Qzm43s0j9naY7cS4Um7nLaP6j0O3t2cA8dH2rX1TkOPWh7m%2BNShI%2BcQCRifq2sqvI8%2BAHguw9jonu6vYgfJ%2Fp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69095f984a2406ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Content-Length: 327
Content-Type: text/html; charset=utf-8
Date: Sat, 18 Sep 2021 08:58:36 GMT
Location: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Strict-Transport-Security: max-age=3600; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 59ms
28ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617
age: 140131
cdn-cachedat: 2021-07-24 16:36:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0853b573fe3567d00cd081108a852528
cf-ray: 69095fa25b59c4db-DUS
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 48ms
17ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 140131
cdn-cachedat: 2021-04-23 07:08:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6374e5f70ac9193cd59257eeaf29be31
cf-ray: 69095fa25fc4c4b8-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 s.css
ilstream.info/css/ 27 KB
6 KB 30ms
29ms Stylesheet
text/css 172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/css/s.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad01e3bb6314005136e71b9414ac0da20dc2db3a8713b09b2339374b9fb278d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /css/s.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715321
cf-polished: origSize=28531
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 21 Sep 2019 09:44:57 GMT
server: cloudflare
etag: W/"5d85f119-6f73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvY50S3ErkjMVRn4yGDPF6UOm3%2BogcVq5Rpg2XjmmiNUk0y3hYhMCi5rVMRKVTVAspUvlx4r8PvlJfi8Ra123Q4B28hacE%2Bq16z92YzW0nkllMaW%2F2%2FOiMYFcMCKQw%2FC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095fa22fa906ed-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subscribe.js Show response
cdn.siteswithcontent.com/js/push/ 4 KB
2 KB 59ms
22ms Script
application/javascript 104.21.69.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siteswithcontent.com/js/push/subscribe.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.69.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: tp-up-gc12
date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4306
x-cached-since: 2021-07-16T09:29:17+00:00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: K0G1K87WGEMB2WAV
x-amz-id-2: t8LlvSQMeMILeKT6Br1CQ+z81YWLf/DxcrqwKE65FsHNq/cg1v5zJb3DCrhNY56OP+FHP4KGw6o=
last-modified: Mon, 04 May 2020 12:18:12 GMT
server: cloudflare
etag: W/"189f6ddd0a08dd184bfe6cd4082874bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHrGmZKCtl1PGISsgEDFJEwy47KY0yFufLv2hVZJs8leowwnLnVRcLO0594MqGFMCbQlEauK%2FGCUJm0E4I%2FAEn6DfEbx518k%2Bnuq7w2cD0CQsZ7gJ2ieLNXVL0ja1mCMX4HBvj7nnM2yfvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 69095fa2b8e73b13-CDG

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 83ms
26ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 17 Sep 2022 14:07:12 GMT

GET
H3 200 ui.js Show response
ilstream.info/js/ 32 KB
11 KB 28ms
27ms Script
application/javascript 172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/ui.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/ui.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715403
cf-polished: origSize=33025
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Aug 2019 08:32:48 GMT
server: cloudflare
etag: W/"5d53c730-8101"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F24xZSkLUVRkCoA7SCnWZJ%2BH9X52v1S9iQJDTNWibSjwtHBu3FzWg4tPWSeOP7cF7QnD7IY4JCXC0xGGQuid762SnwngENruq4XOj1MmVqtIFOvpzQJycNVH0a3lOKO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095fa2986065e2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 52ms
16ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9206210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1120
cf-request-id: 0a74fe7984000021578c0ea000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FiVP6aruFaZb3DjwbCGSE0xbljsU2v1Xr6BQwQ2kPtm2862MSm1a9RpVjTScVB16kCVIF%2Fe72YhaclIKQYMxBhd%2Ft34gh3EBVwddm46VmZ5QxIO8fODWhaVhlPyVSlU9O1wxBU4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69095fa2cd8021c3-DUS
expires: Thu, 08 Sep 2022 08:58:37 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 49ms
35ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 140131
cdn-cachedat: 2021-04-23 06:58:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b2911342e21e82c41ee639f05a9b95ac
cf-ray: 69095fa2ae84faee-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 f.js Show response
ilstream.info/js/ 10 KB
4 KB 45ms
43ms Script
application/javascript 172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/f.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058a7472842e1ca6c12d9b7de2b4635142fbbac7207d20dd0492726f6adb2a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1284397
cf-polished: origSize=13019
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Sep 2019 12:55:22 GMT
server: cloudflare
etag: W/"5d84cc3a-32db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJXAeOQ03JHmtByzhlhm26BAjYUN%2B%2FwnXtE1wpeocqLpgBC3EzAMOvyoNczDV4%2BojYFhjdbU4vRNM9zH0HNBa7SZSprOcoWXP0y9xEA2NC2K5%2F7FBNwsw1q45jCXryQ%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095fa2986b65e2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vss.js Show response
ilstream.info/js/ 6 KB
3 KB 45ms
43ms Script
application/javascript 172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/vss.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/vss.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 700301
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 31 Aug 2019 19:20:15 GMT
server: cloudflare
etag: W/"5d6ac86f-1651"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvKgJSzOWDUCBIHLjivFaq2ehQ5uuwq8HELZm9icaq1qrsu3a0AXy9nCcU%2BBK1zqS%2BlMpGWTVonYoYk5QiCBLZ8HcI5RZJRzr%2F7gvyC3%2FT8VsdoFMR%2B1E%2B9i5EsbH%2BJk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095fa2986c65e2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rufun.info.1178743.js Show response
jsc.adskeeper.com/r/u/ 2 KB
1 KB 49ms
18ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e691825311d319d1006d0a8bc28127d3f2fb8d1fd24348a3fff0c9432afc4fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2527
cf-ray: 69095fa2ced621bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 742
x-amz-id-2: f3LPicgc2QXXfUIGGj7Tj9gPEux09fBsV8XhMgExt8s2QKbXtDgG5b48odT6WX6aTQWpX2Sgp7o=
last-modified: Wed, 08 Sep 2021 05:45:30 GMT
server: cloudflare
etag: "f4121002af057fb260bcd882bbcaeda1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 22KCJY1NJ0XWBMQ3
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:58:37 GMT

GET
H3 200 o.gif
ilstream.info/img/ 43 B
723 B 26ms
24ms Image
image/gif 172.67.136.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ilstream.info/img/o.gif

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /img/o.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1281761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Wed, 14 Aug 2019 08:32:47 GMT
server: cloudflare
etag: "5d53c72f-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jXv%2FEgkU2cA61TXLR1bUGZ6uB%2FY8uE0qjHsk9uxTE5pfMdX9Gcnao2mVie8ekP9ahz%2FM0ZOgn6Zzwgk8Mc7BFUoFmRRE1JQF%2FHEovX5aWKX7NOchrZaOppUU2H42yGA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69095fa2986d65e2-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rufun.info.1178745.js Show response
jsc.adskeeper.com/r/u/ 2 KB
938 B 63ms
32ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa72f2b960b4d2d368349c238463a5dcc3e804f813b7fae82b94ae3706eec5cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3024
cf-ray: 69095fa2ced721bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 742
x-amz-id-2: ndJ0sUGUPXniayIBLOLUHcpjw54D6yyDySSKYLFJyIYIlEfejTFEOYBN9EczYmPg5C1bFr7roTs=
last-modified: Wed, 08 Sep 2021 05:46:32 GMT
server: cloudflare
etag: "4d06e7afe5faea3604bfe8a033b53569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: PHB58T63S12KB7G6
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:58:37 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/wV-IIvpIZQI/ 12 KB
12 KB 95ms
44ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wV-IIvpIZQI/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

9297a9e5062582ffcfcb6ae8228667eaf6941f004b0377768b94b020fbd5ebb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:43:40 GMT
x-content-type-options: nosniff
age: 897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12642
x-xss-protection: 0
server: sffe
etag: "1618050386"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:43:40 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/6fV2U8wgVLU/ 9 KB
9 KB 101ms
51ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6fV2U8wgVLU/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

e82f2631c70f95ca2d3bf77c4bc297be6ef137c222bd83edd0bd9b4952cf5ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:20:55 GMT
x-content-type-options: nosniff
age: 2262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9221
x-xss-protection: 0
server: sffe
etag: "1549448927"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:20:55 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/eeNv4wf2D1U/ 14 KB
14 KB 116ms
65ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eeNv4wf2D1U/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

343d53e60402fb4432a259f78aee852534a90ae127b7b612e4cd8fb1d52d0ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
x-content-type-options: nosniff
server: sffe
etag: "1631202395"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14252
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:58:37 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/7woJ49F3Wwc/ 6 KB
6 KB 106ms
56ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7woJ49F3Wwc/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

133dfded3aba7e8cebe852664df5cf630d9259e77dd2eec51ba33131a564d57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:20 GMT
x-content-type-options: nosniff
age: 17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6432
x-xss-protection: 0
server: sffe
etag: "1631479316"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:58:20 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/V2l-O-c-djc/ 10 KB
11 KB 89ms
39ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/V2l-O-c-djc/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

51d43d1349cafc6ed17e7fcfc2fe1f6e73f38d57fb9f0dbc583b1e59d323cd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:50:57 GMT
x-content-type-options: nosniff
age: 460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10746
x-xss-protection: 0
server: sffe
etag: "1631049282"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:50:57 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/G7CISRNr0_E/ 14 KB
15 KB 32ms
23ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/G7CISRNr0_E/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

e9c1e914263f776fe89ccda355977ca8b49012ff3a240dd9bbdfec17939d6a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:15:38 GMT
x-content-type-options: nosniff
age: 6179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14818
x-xss-protection: 0
server: sffe
etag: "1630941964"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 09:15:38 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/bvoF_lFC_gg/ 19 KB
19 KB 59ms
58ms Image
image/jpeg 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/bvoF_lFC_gg/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

1558e057ee9754034519161f171d87a1351d1874bf39abf4d702b734ea7d0b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:56:52 GMT
x-content-type-options: nosniff
age: 105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19658
x-xss-protection: 0
server: sffe
etag: "1618050125"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:56:52 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
21ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 140131
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 617c76fc31465420d2241147290b90af
accept-ranges: bytes
cf-ray: 69095fa2be91faee-DUS
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

eb0c369f8b2315b43d6f5c753d8ac7b1c384a1487896321aad3ebac069516d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hDqQHgAcij4tjZTONvVBJg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: E2Morom2BksZ0OUpwH0TVo9CdsEbZfV8edG1T9ahV4Mk5WAr2lAjgJT/fAm86DOcmvJJVsxqpv626nNORrHoNA==
x-fb-trip-id: 686109401
x-fb-content-md5: 2f48e765903cac65d48bac8630fea69f
x-frame-options: DENY
date: Sat, 18 Sep 2021 08:58:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "899821adbdffe8854e8671e6b608edaf"
timing-allow-origin: *
expires: Sat, 18 Sep 2021 09:12:47 GMT

GET
H2 200 js-cookie-muidn Show response
c.mgid.com/ 65 B
812 B 166ms
143ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/js-cookie-muidn
Requested by: Host: cdn.siteswithcontent.com
URL: https://cdn.siteswithcontent.com/js/push/subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e257e3c1052627bc49ec9134da0ee93d63126e8a3f7f3a8473787fbc8e56f3a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 73563327-5140-485f-b101-21e40bc073be
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fa358fbc4a4-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

POST
H2 200 / Show response
m.uttclimber.com/ Frame E32F 97 KB
55 KB 111ms
50ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: febc3dd8146a053a5aea5574aaf1e9203717cf10e2145e8805c56fb2f59da333

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
x-cache-date: Sat, 18 Sep 2021 08:58:19 GMT
x-cache: HIT
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent

GET
H3 200 rufun.info.1178743.es6.js Show response
jsc.adskeeper.com/r/u/ 225 KB
65 KB 31ms
16ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc5826348d69567babd3982a7f4e222e0f351e04697f7db76db98c1eb799cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2527
cf-ray: 69095fa3ba39216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65897
x-amz-id-2: DMgXpxmxjez5fCPHRkFhBnJN+sQetnKcZcspp7b/bdmguWkXYxOwonLEW87gta9zjstfZagiHmU=
last-modified: Wed, 08 Sep 2021 05:45:30 GMT
server: cloudflare
etag: "8cbe4dbc10446e462bc537c203248f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: XY5JVKYN4640H1SC
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:58:38 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 95ms
40ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: ilstream.info
URL: https://ilstream.info/js/vss.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 rufun.info.1178745.es6.js Show response
jsc.adskeeper.com/r/u/ 225 KB
65 KB 21ms
21ms Script
text/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b03a276b2da8a5e427be32efc4e3f91143080c21ca7823b96e1e42cff01e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2527
cf-ray: 69095fa3ba42216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65882
x-amz-id-2: GGoVg0prNAuYddxt2t3gxIVJjSCgy2CLpeYE7Bd9CkmuXPiZtTJRLKS25Wkpa0GdI37fX85/IYk=
last-modified: Wed, 08 Sep 2021 05:46:32 GMT
server: cloudflare
etag: "37f1ac2b0e559cfa6ead3d78b9b720d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9QWM72R8YVD1P9XX
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:58:38 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/de_DE/ 228 KB
67 KB 15ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=e373c3a7b6964c75cd260960a3900947

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

f4280d9998706a70f7fdd274c2d98aa0de09d1db42405fe0a503f002830231b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BQwVzMR2QZnkwR3MwdIVEQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68471
x-fb-rlafr: 0
x-fb-debug: sbRKh805aA9nTNcxYbqaCtpMdd9ZIODiBe2PYD3CRjTEsx3NTBFUgtABCto153w10Hh7fgxBwxx2msD9UUFuig==
x-fb-content-md5: fc547d70721d186b47eb9ae671d6dfff
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 18 Sep 2021 08:58:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5a302c8a1d5d9d85674e480fc1add49d"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 08:50:52 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/ 135 KB
44 KB 62ms
20ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Sep 2022 07:39:34 GMT

POST
H2 200 / Show response
m.uttclimber.com/ Frame 072F 93 B
439 B 40ms
40ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 4a5881cc7cc99d476466bc41629b90c688be6252a827152518afabf509e635c5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 93

GET
H2 200 AWTYMwXkF9E Show response
www.youtube-nocookie.com/embed/ Frame 2149 55 KB
24 KB 69ms
68ms Document
text/html 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

7cc76250194d5068de6c6b00ac1c397663ad4b117d2c28835ef635618309f104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ilstream.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Sep 2021 08:58:38 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+502; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
307 B 58ms
57ms Script
text/plain 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&src_id=ilstream.info&cbuster=1631955518304856943270&uniqId=064d9&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145aa3e-16adb&pageView=1&pvid=17bf8210360996f20b7&site=733294&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fa57bd121bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 www-player-webp.css
www.youtube-nocookie.com/s/player/d7a19ed1/ Frame 2149 329 KB
45 KB 22ms
21ms Stylesheet
text/css 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46352
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 09:25:06 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame 2149 201 KB
66 KB 28ms
28ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67291
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:13:47 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2149 2 MB
505 KB 31ms
31ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516948
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:13:47 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame 2149 8 KB
3 KB 26ms
25ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:13:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2149 15 KB
15 KB 71ms
21ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 392425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:58:13 GMT

GET
H3 200 js-cookie-muidn Show response
c.mgid.com/ Frame 072F 65 B
500 B 69ms
56ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/js-cookie-muidn
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e257e3c1052627bc49ec9134da0ee93d63126e8a3f7f3a8473787fbc8e56f3a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8b0c5f50-ef1d-4530-a9ce-c3e9a1254350
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fa5db00faee-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 comments.php
web.facebook.com/v3.2/plugins/ Frame FF6D 0
0 142ms
104ms Document
text/html 31.13.92.10
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df180506652c065c%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2fed012d60335c%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=e373c3a7b6964c75cd260960a3900947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.10 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-01-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: web.facebook.com
:scheme: https
:path: /v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df180506652c065c%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2fed012d60335c%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ilstream.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: ZBpQ4TZgS08e1MKmyFk3o7BVruDeEVjNwVffTa+Jj9OMcqVHsHgGSa27pdjkXIGW9gO0utuqkFjM7BI+6bWQpg==
content-length: 0
date: Sat, 18 Sep 2021 08:58:38 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 push-event-counter
c.siteswithcontent.com/ 43 B
481 B 383ms
126ms Image
image/gif 64.58.116.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.siteswithcontent.com/push-event-counter?permission=default&domain=ilstream.info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.142 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
x-mg-request-uuid: b9154554-a011-41a8-8874-f9cf3ea8e3aa
access-control-allow-methods: POST, OPTIONS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ilstream.info
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: *
server: nginx

GET
H2 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame 2149 34 KB
13 KB 57ms
17ms Script
text/javascript 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f100.1e100.net

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 14:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 14:42:24 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2149 24 KB
7 KB 21ms
21ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:13:49 GMT

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 2149 63 KB
19 KB 137ms
136ms XHR
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

b6f6681c2f44d2b11e6ea575a740aabf600c9a339e51abd8e7dfc3ef40390012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgthYnFSVEtsTk8yVSi-1JaKBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19895
x-xss-protection: 0
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
DATA 200
OK truncated
/ Frame 2149 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2149 2 KB
3 KB 79ms
24ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:15:23 GMT
x-content-type-options: nosniff
age: 6195
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
server: fife
etag: "v115"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Sep 2021 07:03:53 GMT

GET
DATA 200
OK truncated
/ Frame 2149 356 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c64b0de0962926c3545e374f17fe916a24fa3ab6dab9a6c758838b75641e568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2149 10 KB
10 KB 57ms
27ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:14:50 GMT
x-content-type-options: nosniff
age: 409428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 15:14:50 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 2149 0
9 B 20ms
20ms Image
text/plain 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?-5tjLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1 Show response
servicer.adskeeper.com/1178743/ 5 KB
2 KB 57ms
57ms Script
application/x-javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1178743/1?pv=5&src_id=ilstream.info&cbuster=163195551866599179730&uniqId=064d9&niet=4g&nisd=false&jsv=es6&w=956&h=525&cols=3&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145aa3e-16adb&pageView=1&pvid=17bf8210360996f20b7&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a714234a3a6994eac63f657b6df454677510bfdf43fdbd27d00348c9742d10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fa7b86621bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.com/1178745/ 2 KB
1021 B 57ms
57ms Script
application/x-javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1178745/1?w=493&h=730&cols=1&pv=5&src_id=ilstream.info&cbuster=1631955518666963176664&uniqId=10497&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145aa3e-16adb&pageView=0&pvid=17bf8210360996f20b7&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a08eda740bb26915a10a25cd953958a3c5bcf3f60497df598618e2b90bd087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fa7b87b21bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 204 qoe
www.youtube-nocookie.com/api/stats/ Frame 2149 0
17 B 30ms
30ms Ping
text/html 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?event=streamingstats&fmt=133&afmt=251&cpn=S1WldDJqwPimRISn&ei=PqpFYc6fI4Ou1wLp5qWIDw&el=embedded&docid=AWTYMwXkF9E&ns=yt&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24080738%2C24082662%2C24096481&cl=397162147&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.193:B,0.193:B&cmt=0.008:0.000,0.193:0.000&ctmp=cc:t.182;useVodTrack&afs=0.192:251::i&vfs=0.193:133:133::o&view=0.193:956:538&bwe=0.193:130000&bat=0.193:1:1&vis=0.193:0&bh=0.193:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-2gb7sn7z.googlevideo.com/ Frame 2149 1022 B
2 KB 94ms
14ms XHR
text/plain 173.194.150.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=133&aitags=133%2C160%2C242%2C278&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-2gb7sn7z%2Csn-4g5ednd7&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=83750&vprv=1&mime=video%2Fmp4&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=4057659&otfp=1&dur=149.480&lmt=1604777841197684&mt=1631955180&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPo4CfRvQc2fu9Xod1m6DxUjWpIrfpHKWbIB7AridA-eAiBYcCVLxcyYsj6p55UgwIyyoKZvroKXGhT75lVVmZvNhA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFlaL9NKLy-xWbksui5jUk3FacURexQ7VI4_nW07EN50CICeNDyZXVB523bnqrpv5YvVvsOmxNRSWo5sQVrUG9Dya&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&range=0-66656&rn=1&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.150.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s04-in-f11.1e100.net

Software

gvs 1.0 /

Resource Hash

b6b23bbcc4477a8a7e9a2580cb91183afa16ae5cbf3b641199790b7722f5a87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 08:58:38 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1022
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-2gb7sn7z.googlevideo.com/ Frame 2149 984 B
2 KB 94ms
15ms XHR
text/plain 173.194.150.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7z.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=251&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-2gb7sn7z%2Csn-4g5ednd7&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=83750&vprv=1&mime=audio%2Fwebm&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&mt=1631955180&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNMyj-LlknGstvn6RcQBuvtheNqs4z2L4n2ZfC9OWFgkCIQDT51IvGgZKr_OtiFA9m-C4svMAXtp0WjFxD0kOReYCTw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgFlaL9NKLy-xWbksui5jUk3FacURexQ7VI4_nW07EN50CICeNDyZXVB523bnqrpv5YvVvsOmxNRSWo5sQVrUG9Dya&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&range=0-66053&rn=2&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.150.251 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s04-in-f11.1e100.net

Software

gvs 1.0 /

Resource Hash

d0a1e92387d597f4fdd091107951d277f626463b4330201fb7a15d0a70b7ba90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 08:58:38 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 984
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 remote.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2149 95 KB
29 KB 21ms
21ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29920
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:42:11 GMT

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2149 63 KB
24 KB 23ms
23ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 09:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24378
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 09:22:56 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 2149 26 KB
7 KB 23ms
22ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

sffe /

Resource Hash

b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 00:24:31 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 2149 15 KB
2 KB 216ms
215ms XHR
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

ESF /

Resource Hash

44a159ed322d65e1018e1c264c2f6d56a3460a2c78374a6453f2cdcd4d2e0beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgthYnFSVEtsTk8yVSi-1JaKBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2448
x-xss-protection: 0
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/AWTYMwXkF9E/ Frame 2149 13 KB
13 KB 61ms
27ms Image
image/webp 142.250.74.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/AWTYMwXkF9E/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.214 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f22.1e100.net

Software

sffe /

Resource Hash

fdae48ba51745b7da714401b6acf73fecd4158fb9b9db199254489773bc5413a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:25:10 GMT
x-content-type-options: nosniff
age: 5608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12910
x-xss-protection: 0
server: sffe
etag: "1604777999"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 09:25:10 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2149 4 KB
3 KB 95ms
44ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp
s-img.adskeeper.com/g/8164859/492x328/0x0x899x599/ 25 KB
25 KB 412ms
387ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164859/492x328/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp?v=1631955518-vft9AjkypMerTff8Bf_yrYNpGthF_LTUJpReaGLSv5U
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611ce382d884582d2022cbb24fc016077eeebfb5bbc75b52923256f43727a405

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:38:24 GMT
x-mg-request-uuid: f3d1a72a-9c0f-4c02-b729-9e7d4f23c85d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a8f2187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25188
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/ 10 KB
10 KB 299ms
274ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193534/492x328/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1631955518-KykvFs3pnHo9tyx51BUWrUqn84ie1nug2wBYOpcBNR0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30d86cce2f4998c9a06c57a581b7e1133faf0ec8f5c4008fc25daa122bb03a69

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:49:31 GMT
x-mg-request-uuid: c14801eb-7ae4-4535-b011-5db52d56be8a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a912187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10486
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 48ms
24ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631955518-N0fHcZTqZeDDHQaaWT1OqysOhcBWbHEIPWWdJkPgZ8c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:45:56 GMT
x-mg-request-uuid: 9f9d8d1a-14b7-4e69-9827-140cadaec4f5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a922187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp
s-img.adskeeper.com/g/8193506/492x328/0x0x582x388/ 14 KB
14 KB 46ms
22ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193506/492x328/0x0x582x388/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp?v=1631955518-1vHwEMa0JXBNoNNlCCILnyDrH8M6xbjbQC7QP2THLgQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8abefde33d47e14e059ef4173465c9a852847346e075ea45bee91036add797

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:26:31 GMT
x-mg-request-uuid: cb25c411-3de8-44ae-b33a-7d532f369cb2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a932187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14260
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzdkNWY2ZjU1ZmExZjUyYTE1MmJkYzA3ODkxNzMyM2QwLmpwZWc.webp
s-img.adskeeper.com/g/8164918/492x328/0x135x609x406/ 29 KB
29 KB 404ms
380ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164918/492x328/0x135x609x406/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzdkNWY2ZjU1ZmExZjUyYTE1MmJkYzA3ODkxNzMyM2QwLmpwZWc.webp?v=1631955518-ERMBEEI7c9lHfFvU6A1nVYTjJFvJGrk6xnCJoNNXe3g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fa984fbc4a36551cd174b2eab20b1a6e6968dcf743b51ee9892ad5c6d4fd790

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:50:06 GMT
x-mg-request-uuid: cef7e994-b36e-4c7f-a8e3-6820fd46cd5d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a972187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29560
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.adskeeper.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 297ms
273ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1631955518-m1BOnXi7TIUe332IqXgQlr5vVlUtF-YVp-3IYzQCSOw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:42:46 GMT
x-mg-request-uuid: f66af0b3-2ecd-4066-b263-485d43bfaf40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a982187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12780
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzRiZTMxYWU4Mjg4NzBjOTZmNmRjYWJhZDJlOTQ0YTA1LmpwZWc.webp
s-img.adskeeper.com/g/8164898/492x328/0x64x545x363/ 13 KB
13 KB 288ms
271ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164898/492x328/0x64x545x363/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0LzRiZTMxYWU4Mjg4NzBjOTZmNmRjYWJhZDJlOTQ0YTA1LmpwZWc.webp?v=1631955518-1bhFjQzIW9LQn_-rheQC8-QhJPs_93wM6J4lVeo4KUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8156d40a763f9291ea782545ba489d73f8e72dced7370cb9ede3188f45d18850

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:07:31 GMT
x-mg-request-uuid: 13b81536-1bd9-4982-b100-4de6bd5ff089
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa87a8c2187-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13160
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
197 B 121ms
120ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1631955518793559392211
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: a4e9c3f6-28ea-4790-b494-7f76d8c6f7e0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69095fa88a5d21bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 65 KB
65 KB 65ms
23ms XHR
video/mp4 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=133&aitags=133%2C160%2C242%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=4057659&otfp=1&dur=149.480&lmt=1604777841197684&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPo4CfRvQc2fu9Xod1m6DxUjWpIrfpHKWbIB7AridA-eAiBYcCVLxcyYsj6p55UgwIyyoKZvroKXGhT75lVVmZvNhA%3D%3D&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-2gbe676&cms_redirect=yes&mh=x_&mm=34&mn=sn-4g5ednd7&ms=ltu&mt=1631955423&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgPEe8Wbr3EyOzWuObDsYMB94DXoGNILBa-bfAyScuk40CIQDe7bUaMV5vbrGpAs2THcGJ-VVOErBMoLiET8yA8MMo6w%3D%3D&range=0-66656&rn=3&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

4ca7b6283bd174a943d3fbf538df9d916e02d73646add68894d2f61b4623892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66657
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 65 KB
65 KB 71ms
30ms XHR
audio/webm 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNMyj-LlknGstvn6RcQBuvtheNqs4z2L4n2ZfC9OWFgkCIQDT51IvGgZKr_OtiFA9m-C4svMAXtp0WjFxD0kOReYCTw%3D%3D&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-2gbe676&cms_redirect=yes&mh=x_&mm=34&mn=sn-4g5ednd7&ms=ltu&mt=1631955423&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgI74xrBibrpLnnErLzl0Mi8yGuY0esZS5Frtc-yX4BqgCIAt6YceLhKR7Lp5ALMZRYSzXeIeWflBTpejbceTDUOEB&range=0-66053&rn=4&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

c535531235b9cb6a3d4e684904a348aa30319f985c3f2a2529c26a2eb4eec6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66054
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame DC1F 19 B
127 B 102ms
102ms Script
application/javascript 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1631955518816509857602
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:38 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 3f1639f4-2471-4898-b9a2-d61aa5ddb5e5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69095fa8aa9421bd-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/92/ Frame 2149 52 KB
15 KB 52ms
24ms Script
text/javascript 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/92/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 17:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55051
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15330
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 15:08:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sat, 18 Sep 2021 17:41:07 GMT

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 32ms
18ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631955518-N0fHcZTqZeDDHQaaWT1OqysOhcBWbHEIPWWdJkPgZ8c
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:45:56 GMT
x-mg-request-uuid: 9f9d8d1a-14b7-4e69-9827-140cadaec4f5
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa8f8ac2169-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp
s-img.adskeeper.com/g/8193506/492x328/0x0x582x388/ 14 KB
14 KB 40ms
27ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193506/492x328/0x0x582x388/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTQvMTAxOTI0LzY2MTg4NzY0MDYxZTNlNGMwZDM0YWIxYzQ3YTRjMDBlLnBuZz90PTE1MzY5NDAyMjYyNjc.webp?v=1631955518-1vHwEMa0JXBNoNNlCCILnyDrH8M6xbjbQC7QP2THLgQ
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8abefde33d47e14e059ef4173465c9a852847346e075ea45bee91036add797

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:26:31 GMT
x-mg-request-uuid: cb25c411-3de8-44ae-b33a-7d532f369cb2
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095fa8f8a32169-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14260
server: cloudflare

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 64 KB
64 KB 24ms
23ms XHR
video/mp4 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

2a244cfcd7d67dd422fba41c17c4252a001190606e1efb773f1051a5043bc289

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 64 KB
64 KB 23ms
23ms XHR
audio/webm 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNMyj-LlknGstvn6RcQBuvtheNqs4z2L4n2ZfC9OWFgkCIQDT51IvGgZKr_OtiFA9m-C4svMAXtp0WjFxD0kOReYCTw%3D%3D&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-2gbe676&cms_redirect=yes&mh=x_&mm=34&mn=sn-4g5ednd7&ms=ltu&mt=1631955423&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgI74xrBibrpLnnErLzl0Mi8yGuY0esZS5Frtc-yX4BqgCIAt6YceLhKR7Lp5ALMZRYSzXeIeWflBTpejbceTDUOEB&range=66054-131789&rn=6&rbuf=3857

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

82902f5fe07b60c443b2b07f173220da1931c1e75d18034f80254a0bd7cb5ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:38 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65736
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Sat, 18 Sep 2021 08:58:38 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 132 KB
132 KB 24ms
24ms XHR
video/mp4 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

fa0f0f56ef0b662ea960d16bb45137434feffbbbc2ed9fbe28351379546bc80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134693
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:58:39 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 129 KB
129 KB 23ms
23ms XHR
audio/webm 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1631977118&ei=PqpFYc6fI4Ou1wLp5qWIDw&ip=216.131.111.10&id=o-AINItnwhK3iNJvyHhHtE77Rc2byenQz0vOQiRd7ciNWY&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DB4KWAyHIJHXMOdzMvsSbvAG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=O5MxqVwOJceA5g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNMyj-LlknGstvn6RcQBuvtheNqs4z2L4n2ZfC9OWFgkCIQDT51IvGgZKr_OtiFA9m-C4svMAXtp0WjFxD0kOReYCTw%3D%3D&alr=yes&cpn=S1WldDJqwPimRISn&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-2gbe676&cms_redirect=yes&mh=x_&mm=34&mn=sn-4g5ednd7&ms=ltu&mt=1631955423&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgI74xrBibrpLnnErLzl0Mi8yGuY0esZS5Frtc-yX4BqgCIAt6YceLhKR7Lp5ALMZRYSzXeIeWflBTpejbceTDUOEB&range=131790-263462&rn=8&rbuf=7726

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

5e5c38899d5895fd96e9bf2a6cf3ca7ec3c5c5c170f0a28887f103d03374f918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131673
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Sat, 18 Sep 2021 08:58:39 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5ednd7.googlevideo.com/ Frame 2149 269 KB
269 KB 24ms
24ms XHR
video/mp4 74.125.162.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s60-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

9ef4cba1cd828a53c7852ffbf7c6bfb2c9bb0f761e43c7e1b36247399831c916

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:58:39 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275427
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:58:39 GMT

GET
H3 200 c
c.adskeeper.com/ 43 B
442 B 66ms
65ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=488|345|8|1-SWLREXuNBRbg3Js10b-cK5Sv4t95F7mnfNr8QASJlU79ZTwcVk5x-drSA_wGtS&fw=1&extjs=66044&v=488|345|8|1-SWLREXuNBRbg3Js10b-TYfvHqV_Lu5JV3ItanYp4pNxq3dJ9jUw9UfWR1QHaMa&cid=1178745&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=9d51c12a-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=1&pvid=17bf8210360996f20b7&muid=l8iCj3VjiGW1&cbuster=1631955520120825394854&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3e907d65-6866-4379-9f5e-b684fdf5b8b6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fb0cb2d216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 65ms
65ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=309|243|40|3TRihAQUYGcliyRM9OPdc8K5Sv4t95F7mnfNr8QASJnCDKxfvtQyzFXvdSTAVHTn&fw=1&extjs=66044&v=309|243|8|3TRihAQUYGcliyRM9OPdc1_CoCNXT2fz9-CTTG3Kbcoj8JjwV5eZsbNFbErS5oXL&cid=1178743&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=0&pvid=17bf8210360996f20b7&muid=l8iCj3VjiGW1&cbuster=1631955520122727260223&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 73cadc02-88bd-49f1-a044-fc416f695500
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fb0cb3a216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
442 B 62ms
62ms Image
image/gif 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=3&v=309|243|8|3TRihAQUYGcliyRM9OPdcyIf_cKFORIM5TEgV3ry05_G_x8xIzETwP-DRqjVm16p&extjs=66044&v=309|243|8|3TRihAQUYGcliyRM9OPdc0JeqUmksj2LCpo6Mq4-SeXomeK_b_MepJVds2TaOKWv&v=309|243|8|3TRihAQUYGcliyRM9OPdc82B7zbsbv--JQq4OwXKk3Jkv2KH1qoyyQ1rPKPMwCSV&v=309|243|40|3TRihAQUYGcliyRM9OPdc0xHfMzkhBxWgi1QvfILbjPxZEgX1TC2E36Ig_DM_5u9&cid=1178743&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=9d5123e8-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=0&pvid=17bf8210360996f20b7&muid=l8iCj3VjiGW1&cbuster=163195552021987269843&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:58:40 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c4bbff48-d489-45b4-b979-4eed68242477
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095fb16d06216f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame 2149 28 B
54 B 37ms
36ms XHR
application/json 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-YouTube-Client-Version: 1.20210915.1.2
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgthYnFSVEtsTk8yVSi-1JaKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631955518366&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C956%2C538&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 18 Sep 2021 08:58:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sat, 18 Sep 2021 08:58:40 GMT

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ilstream.info/	1970-01-20 21:19:15	Name: watched Value: %5B%22AWTYMwXkF9E%22%5D
ilstream.info/	1970-01-20 21:19:15	Name: wn Value: AWTYMwXkF9E
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8iCDf1wlIW1
.mgid.com/	1970-01-19 21:19:17	Name: __cf_bm Value: 28F29nu_W5aQV3CHSyCMZlszJafpagYedrlqWPmARvM-1631955518-0-AQckGQ82IdgHIBm7ATIfRN2bUDQBlbccUfThYvpD2xupcoWGqS5zL3/zHLDo1q4K56PapO7wSi7f+fiSn9Maijc=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Nhg25OQYbZI
.youtube.com/	1970-01-20 01:38:27	Name: VISITOR_INFO1_LIVE Value: Z_zXB722a24
ilstream.info/	1970-01-31 11:05:55	Name: muidn Value: l8iCDf1wlIW1
ilstream.info/	1970-01-25 07:39:25	Name: szm_log_id68 Value: UCtyOTRyanJgNWhgaGU0aGllZDNjNGhjci2U
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: l8iCj3VjiGW1
servicer.adskeeper.com/	1970-01-19 21:19:16	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
ilstream.info/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C1178743%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631955518761%7D%2C%22C1178745%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631955518764%7D%7D
c.siteswithcontent.com/	1970-01-25 20:31:23	Name: muidn Value: l8iCQ0sJFaW1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://web.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.adskeeper.com
c.mgid.com
c.siteswithcontent.com
cdn.siteswithcontent.com
cdnjs.cloudflare.com
clck.ru
cm.adskeeper.com
connect.facebook.net
fonts.gstatic.com
i.ytimg.com
ilstream.info
jsc.adskeeper.com
m.uttclimber.com
maxcdn.bootstrapcdn.com
r5---sn-2gb7sn7z.googlevideo.com
r5---sn-4g5ednd7.googlevideo.com
s-img.adskeeper.com
sba.yandex.net
servicer.adskeeper.com
stackpath.bootstrapcdn.com
web.facebook.com
www.google.com
www.gstatic.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
104.16.18.94
104.18.11.207
104.18.17.65
104.19.134.78
104.21.69.41
142.250.181.225
142.250.185.106
142.250.185.195
142.250.186.110
142.250.74.195
142.250.74.214
172.217.18.100
172.67.136.13
173.194.150.251
185.156.202.211
213.180.204.221
31.13.92.10
31.13.92.14
64.58.116.142
74.125.162.106
87.250.251.232
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
058a7472842e1ca6c12d9b7de2b4635142fbbac7207d20dd0492726f6adb2a8b
09b2418c5e4eebcd34159d3d0889006d974e189b63a78ca9657d2684c24c5c56
1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059
133dfded3aba7e8cebe852664df5cf630d9259e77dd2eec51ba33131a564d57c
1558e057ee9754034519161f171d87a1351d1874bf39abf4d702b734ea7d0b79
15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b
16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae
2a244cfcd7d67dd422fba41c17c4252a001190606e1efb773f1051a5043bc289
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d8abefde33d47e14e059ef4173465c9a852847346e075ea45bee91036add797
30d86cce2f4998c9a06c57a581b7e1133faf0ec8f5c4008fc25daa122bb03a69
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
343d53e60402fb4432a259f78aee852534a90ae127b7b612e4cd8fb1d52d0ef0
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
3ad01e3bb6314005136e71b9414ac0da20dc2db3a8713b09b2339374b9fb278d
3bc5826348d69567babd3982a7f4e222e0f351e04697f7db76db98c1eb799cdf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
43a714234a3a6994eac63f657b6df454677510bfdf43fdbd27d00348c9742d10
44a159ed322d65e1018e1c264c2f6d56a3460a2c78374a6453f2cdcd4d2e0beb
4a5881cc7cc99d476466bc41629b90c688be6252a827152518afabf509e635c5
4c64b0de0962926c3545e374f17fe916a24fa3ab6dab9a6c758838b75641e568
4ca7b6283bd174a943d3fbf538df9d916e02d73646add68894d2f61b4623892d
51d43d1349cafc6ed17e7fcfc2fe1f6e73f38d57fb9f0dbc583b1e59d323cd80
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
56b03a276b2da8a5e427be32efc4e3f91143080c21ca7823b96e1e42cff01e41
5e5c38899d5895fd96e9bf2a6cf3ca7ec3c5c5c170f0a28887f103d03374f918
611ce382d884582d2022cbb24fc016077eeebfb5bbc75b52923256f43727a405
62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd
676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cc76250194d5068de6c6b00ac1c397663ad4b117d2c28835ef635618309f104
7fa984fbc4a36551cd174b2eab20b1a6e6968dcf743b51ee9892ad5c6d4fd790
8156d40a763f9291ea782545ba489d73f8e72dced7370cb9ede3188f45d18850
82902f5fe07b60c443b2b07f173220da1931c1e75d18034f80254a0bd7cb5ad4
82a08eda740bb26915a10a25cd953958a3c5bcf3f60497df598618e2b90bd087
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b
9297a9e5062582ffcfcb6ae8228667eaf6941f004b0377768b94b020fbd5ebb3
9ef4cba1cd828a53c7852ffbf7c6bfb2c9bb0f761e43c7e1b36247399831c916
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa72f2b960b4d2d368349c238463a5dcc3e804f813b7fae82b94ae3706eec5cf
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
b6b23bbcc4477a8a7e9a2580cb91183afa16ae5cbf3b641199790b7722f5a87b
b6f6681c2f44d2b11e6ea575a740aabf600c9a339e51abd8e7dfc3ef40390012
c535531235b9cb6a3d4e684904a348aa30319f985c3f2a2529c26a2eb4eec6fb
d0a1e92387d597f4fdd091107951d277f626463b4330201fb7a15d0a70b7ba90
d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e257e3c1052627bc49ec9134da0ee93d63126e8a3f7f3a8473787fbc8e56f3a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e691825311d319d1006d0a8bc28127d3f2fb8d1fd24348a3fff0c9432afc4fc2
e82f2631c70f95ca2d3bf77c4bc297be6ef137c222bd83edd0bd9b4952cf5ecb
e9c1e914263f776fe89ccda355977ca8b49012ff3a240dd9bbdfec17939d6a9b
eb0c369f8b2315b43d6f5c753d8ac7b1c384a1487896321aad3ebac069516d5a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f4280d9998706a70f7fdd274c2d98aa0de09d1db42405fe0a503f002830231b5
fa0f0f56ef0b662ea960d16bb45137434feffbbbc2ed9fbe28351379546bc80d
fdae48ba51745b7da714401b6acf73fecd4158fb9b9db199254489773bc5413a
febc3dd8146a053a5aea5574aaf1e9203717cf10e2145e8805c56fb2f59da333

ilstream.info Open in urlscan Pro 172.67.136.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

100 %HTTPS

0 %IPv6

19 Domains

27 Subdomains

20 IPs

5 Countries

2340 kBTransfer

5233 kBSize

12 Cookies

8 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ilstream.info Open in urlscan Pro
172.67.136.13 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

100 %
HTTPS

0 %
IPv6

19
Domains

27
Subdomains

20
IPs

5
Countries

2340 kB
Transfer

5233 kB
Size

12
Cookies

81 HTTP transactions
2 data transactions