urlscan.io logo urlscan.io
SecurityTrails logo

nuschool.eu Open in urlscan Pro
195.230.22.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://nuschool.eu/reader/
Submission: On December 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 10 countries across 24 domains to perform 81 HTTP transactions. The main IP is 195.230.22.7, located in Bulgaria and belongs to Verdina Verdina Ltd., BZ. The main domain is nuschool.eu.
TLS certificate: Issued by R10 on November 5th 2024. Valid for: 3 months.
This is the only time nuschool.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 195.230.22.7 201133 (Verdina V...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
5 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
12 185.180.220.208 49981 (WorldStre...)
4 12 51.83.220.94 16276 (OVH OVH SAS)
4 142.250.185.132 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 51.89.9.252 16276 (OVH OVH SAS)
4 2a00:1450:400... 15169 (GOOGLE)
1 172.67.70.233 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.35 15169 (GOOGLE)
2 216.58.206.46 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 185.180.223.91 49981 (WorldStre...)
1 193.200.65.5 6681 (giveme-cl...)
1 31.220.27.155 39572 (ADVANCEDH...)
1 136.243.84.74 24940 (HETZNER-A...)
1 188.42.63.49 7979 (SERVERS-COM)
1 146.59.69.183 16276 (OVH OVH SAS)
1 116.202.167.155 24940 (HETZNER-A...)
2 2 148.113.153.93 16276 (OVH OVH SAS)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2 2a00:1288:80:... 203220 (YAHOO-DEB...)
5 2400:52e0:1e0... 60068 (CDN77 Dat...)
81 29
5    195.230.22.7 (Bulgaria)

ASN201133 (Verdina Verdina Ltd., BZ)
PTR: blue.warez-host.com
nuschool.eu
3    2606:4700:20::681a:f0a (United States)

ASN13335 (CLOUDFLARENET, US)
lib.wtg-ads.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
12    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WorldStream WorldStream B.V., NL)
PTR: customer.worldstream.nl
ad.vidverto.io
12    51.83.220.94 (Poland)

ASN16276 (OVH OVH SAS, FR)
PTR: app-ngx-pl-03.radius.technology
a4p.adpartner.pro
bidder.smartytouch.co
4    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    172.67.70.233 (United States)

ASN13335 (CLOUDFLARENET, US)
get.geojs.io
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net
fundingchoicesmessages.google.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    185.180.223.91 (Naaldwijk, Netherlands)

ASN49981 (WorldStream WorldStream B.V., NL)
PTR: 185-180-223-91.hosted-by-worldstream.net
cdn.vidverto.io
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL)
PTR: t.trafmag.com
t.trafmag.com
1    31.220.27.155 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
s.uuidksinc.net
1    136.243.84.74 (Cologne, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
1    188.42.63.49 (Luxembourg)

ASN7979 (SERVERS-COM, US)
dsp-trk.eskimi.com
1    146.59.69.183 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ngx-pl-01.greencuttlefish.com
server.smartytech.io
1    116.202.167.155 (Nuremberg, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.155.167.202.116.clients.your-server.de
inv-nets.admixer.net
2    148.113.153.93 (Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: pigeon-1.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
cms.analytics.yahoo.com
ups.analytics.yahoo.com
5    2400:52e0:1e00::1081:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
img.smartytouch.co
Apex Domain
Subdomains		 Transfer
18 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 48813
cdn.vidverto.io — Cisco Umbrella Rank: 70445
259 KB
11 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 7889
23 KB
11 google.com
cse.google.com — Cisco Umbrella Rank: 3364
www.google.com — Cisco Umbrella Rank: 3
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
clients1.google.com — Cisco Umbrella Rank: 510
291 KB
6 smartytouch.co
bidder.smartytouch.co — Cisco Umbrella Rank: 58478
img.smartytouch.co — Cisco Umbrella Rank: 948556
108 KB
5 gstatic.com
fonts.gstatic.com
109 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 506
fonts.googleapis.com — Cisco Umbrella Rank: 29
151 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
212 KB
5 nuschool.eu
nuschool.eu
33 KB
3 wtg-ads.com
lib.wtg-ads.com — Cisco Umbrella Rank: 88009
55 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
512 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 40516
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2657
908 B
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
147 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
313 B
1 smartytech.io
server.smartytech.io — Cisco Umbrella Rank: 54685
338 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 50075
500 B
1 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 25352
110 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 12224
241 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 15823
349 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
17 KB
1 geojs.io
get.geojs.io — Cisco Umbrella Rank: 17012
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
81 24
Domain Requested by
12 ad.vidverto.io nuschool.eu
ad.vidverto.io
11 a4p.adpartner.pro 4 redirects nuschool.eu
a4p.adpartner.pro
6 cdn.vidverto.io nuschool.eu
5 img.smartytouch.co nuschool.eu
5 fonts.gstatic.com nuschool.eu
ad.vidverto.io
5 pagead2.googlesyndication.com nuschool.eu
pagead2.googlesyndication.com
imasdk.googleapis.com
5 nuschool.eu 1 redirects nuschool.eu
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.google.com cse.google.com
www.google.com
3 lib.wtg-ads.com nuschool.eu
lib.wtg-ads.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 securepubads.g.doubleclick.net imasdk.googleapis.com
2 region1.google-analytics.com www.googletagmanager.com
2 cse.google.com nuschool.eu
www.google.com
1 ups.analytics.yahoo.com nuschool.eu
1 cms.analytics.yahoo.com 1 redirects
1 inv-nets.admixer.net nuschool.eu
1 bidder.smartytouch.co nuschool.eu
1 server.smartytech.io nuschool.eu
1 dsp-trk.eskimi.com nuschool.eu
1 go.rcvlink.com nuschool.eu
1 s.uuidksinc.net nuschool.eu
1 t.trafmag.com nuschool.eu
1 s0.2mdn.net imasdk.googleapis.com
1 fonts.googleapis.com
1 get.geojs.io ad.vidverto.io
1 onetag-sys.com ad.vidverto.io
1 clients1.google.com nuschool.eu
1 www.googletagmanager.com nuschool.eu
81 31

This site contains links to these domains. Also see Links.

Domain
vidverto.io
lite-story.com
profnews.net
24pixelnews.com
creativecommons.org
www.gnu.org
Subject Issuer Validity Valid
mail.nuschool.eu
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
wtg-ads.com
WE1		 2024-11-19 -
2025-02-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
ad.vidverto.io
R10		 2024-12-20 -
2025-03-20		 3 months crt.sh
adpartner.pro
E6		 2024-10-31 -
2025-01-29		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
geojs.io
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
cdn.vidverto.io
R11		 2024-10-20 -
2025-01-18		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2024-06-11 -
2025-06-11		 a year crt.sh
uuidksinc.net
R10		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.rcvlink.com
Thawte TLS RSA CA G1		 2024-09-25 -
2025-10-02		 a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
img.smartytouch.co
R10		 2024-11-26 -
2025-02-24		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://nuschool.eu/reader/
Frame ID: CF6240E8A3D0659402FB08FC9060A71E
Requests: 73 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&location=https%3A%2F%2Fnuschool.eu%2Freader%2F&referer=
Frame ID: 1D81D48176BFEEF310310D727F4308F3
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=11047&unit_id=11047&shown=&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&width=250&screen_width=1600&reload_count=0&banner_num=1734758453849439535&is_in_viewport=0&ref=&location=https%3A%2F%2Fnuschool.eu%2Freader%2F
Frame ID: BDE1B77656E89C8171520E3E427D87D9
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=11048&unit_id=11048&shown=&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&width=1250&screen_width=1600&reload_count=0&banner_num=1734758453849488075&is_in_viewport=0&ref=&location=https%3A%2F%2Fnuschool.eu%2Freader%2F
Frame ID: 6B91896FC785AC936E08A8F5A9B12B98
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 190FFEC983FE1E65DC926A3FC5951193
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1
Frame ID: 77BD94F8B1BE24A0ECF49ED52AABC8D3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E07584F97984BF0F518D2F90ED2970B0
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22bfe8b61f-25d6-4f4d-ae1d-39daaf006543%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A3267479%2C%22cost%22%3A0.000120056%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e5db9167-219e-4b23-81ee-259982b32a16%22%7D%2C%7B%22ad_id%22%3A1531799%2C%22cost%22%3A0.00011675%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228420427f-26a6-4aac-900f-2dd16248d62e%22%7D%2C%7B%22ad_id%22%3A3291596%2C%22cost%22%3A0.0000567574%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ac41c166-2fd5-4880-bb72-fd72f489a690%22%7D%2C%7B%22ad_id%22%3A2713922%2C%22cost%22%3A0.0000557143%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22089d9852-2cad-4e96-8eb0-a53a13a2388e%22%7D%5D%2C%22unit_id%22%3A11048%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnuschool.eu%252Freader%252F%22%7D
Frame ID: 717E8F6B69C821D16C82DF0BD251A4A7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_de.html?gdpr=1
Frame ID: 6566A6BC440F364E3E4222583ADFB9E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FCF938501688A6E367454BFD63CD4027
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22bfe8b61f-25d6-4f4d-ae1d-39daaf006543%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A3267479%2C%22cost%22%3A0.000135817%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2265e8b3f9-9c5d-4063-a58e-c44e5c849b21%22%7D%2C%7B%22ad_id%22%3A1531799%2C%22cost%22%3A0.000132077%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2263f19774-440a-4bc7-b0c3-391bb63e56d5%22%7D%2C%7B%22ad_id%22%3A3291596%2C%22cost%22%3A0.0000642086%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%226c667023-0348-4cf7-9bfd-a49ec0404f65%22%7D%2C%7B%22ad_id%22%3A2713922%2C%22cost%22%3A0.0000630285%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b03a1104-12fb-480d-b540-109e4bdccdc6%22%7D%5D%2C%22unit_id%22%3A11047%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnuschool.eu%252Freader%252F%22%7D
Frame ID: CD6604E69333808E93D0B1B376A2728E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1
Frame ID: 8F430B15C77E817D1E86B315B11CB498
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B2C42F6D2D58848D7DC8935195B7069E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Хрестоматія - Нова українська школа

Page URL History Show full URLs

  1. https://nuschool.eu/reader HTTP 301
    https://nuschool.eu/reader/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

81
Requests

93 %
HTTPS

37 %
IPv6

24
Domains

31
Subdomains

29
IPs

10
Countries

1367 kB
Transfer

7448 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nuschool.eu/reader HTTP 301
    https://nuschool.eu/reader/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid={user_id} HTTP 302
  • https://server.smartytech.io/icm.gif?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Request Chain 54
  • https://a4p.adpartner.pro/ssp/match?redirect=https://bidder.smartytouch.co/icm?uid={user_id} HTTP 302
  • https://bidder.smartytouch.co/icm?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Request Chain 55
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Request Chain 56
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=283&mapped=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&gdpr=0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=67a8d32b13f22684081b3d7b87d2aa2b&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nuschool.eu/reader/
Redirect Chain
  • https://nuschool.eu/reader
  • https://nuschool.eu/reader/
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.230.22.7 , Bulgaria, ASN201133 (Verdina Verdina Ltd., BZ),
Reverse DNS
blue.warez-host.com
Software
LiteSpeed /
Resource Hash
9e1e1ddd859a7860665bf7a687833e53557d33d86bca76f6af3342cc6304086d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 21 Dec 2024 05:20:52 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Sat, 21 Dec 2024 05:20:52 GMT
location
https://nuschool.eu/reader/
server
LiteSpeed
style.min.css
nuschool.eu/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nuschool.eu/css/style.min.css
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
195.230.22.7 , Bulgaria, ASN201133 (Verdina Verdina Ltd., BZ),
Reverse DNS
blue.warez-host.com
Software
LiteSpeed /
Resource Hash
f6fece1b5690d0ab184d4953d782f84b27f3fa5bbb3020cb575f5145770fe91f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/reader/

Response headers

cache-control
max-age=3600
content-encoding
br
expires
Sat, 28 Dec 2024 05:20:52 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1170
date
Sat, 21 Dec 2024 05:20:52 GMT
content-type
text/css
last-modified
Tue, 13 Feb 2024 17:25:28 GMT
vary
Accept-Encoding
server
LiteSpeed
lazy_sticky.js
lib.wtg-ads.com/publisher/nuschool.eu/ 		132 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/publisher/nuschool.eu/lazy_sticky.js
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ee910c7f1cef91455e785a5c6155576a29beef02e6a35996d3e1c98920941d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

access-control-max-age
1728000
content-encoding
br
cf-cache-status
HIT
etag
W/"65856d9f-211be"
age
994126
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FpLkbRIk4BsB2hdMeONrf8JB7ehxvSBLmD7pGlRZ1g9cdIgR87H2J2bAxyIi6cWKq89oJl8riBgOjB4%2B%2B5uCw45%2BWXU5vfb%2BEnPv%2FUrmY2fyNVo0t775Dn1F7N%2Fws8XjmYnKK4MphH8A3J%2BcXw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Mon, 09 Dec 2024 20:12:07 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=16469&min_rtt=8022&rtt_var=9466&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4013&recv_bytes=2278&delivery_rate=320880&cwnd=254&unsent_bytes=0&cid=4bd9da5ff5c98e3f&ts=40&x=0"
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 22 Dec 2023 11:06:07 GMT
vary
Accept-Encoding
x-visitor-country
DE
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=10800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f556cee98fcd2e3-FRA
access-control-allow-origin
*
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2062463022593482
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
821334f705e21f9325dd5c15f3d2a3c6d8723e66f15de5ad453ae2c3d746d05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://nuschool.eu/

Response headers

content-encoding
br
etag
12235565592979842892
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53432
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M6HD13GBES
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93d47d2486d982a0b9ede137439593640ec65dd0d9ce55bb09933e18e9d0b846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109870
x-xss-protection
0
server
Google Tag Manager
cse.js
cse.google.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
c531422389daf0457a4a12e12bdaeb228a3401328b14eeca62bdf7bdd3a24d85
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-hY25vr4QQ4hltKf183l_7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-hY25vr4QQ4hltKf183l_7g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
content-encoding
br
accept-ch
Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy
unload=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3218
date
Sat, 21 Dec 2024 05:20:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
gws
x-frame-options
SAMEORIGIN
lib.single.min.js
lib.wtg-ads.com/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/lib.single.min.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/publisher/nuschool.eu/lazy_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47e0378dbabb7c5ee1a9a3674d205eec23b71ea5e8abd9becee46d65f6a47fa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

access-control-max-age
1728000
content-encoding
br
cf-cache-status
HIT
etag
W/"625514fa-92f5"
age
1914804
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKBmguI6NB1H89KWSVRlL2KN6GchqXXhoRbOQ2rQP4ygihSOMnCT5d2ZL2TmtsXk9sYZynwbl%2B1zz0mcibxwtuS84IpjE2SYcQHckW%2FEZY7b6B8ndw4fGASso72mLDTI5tTEXayKK2Du%2Bm1LgA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Fri, 29 Nov 2024 04:27:29 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=26177&min_rtt=8022&rtt_var=5201&sent=44&recv=29&lost=0&retrans=0&sent_bytes=42338&recv_bytes=2340&delivery_rate=1792674&cwnd=256&unsent_bytes=0&cid=4bd9da5ff5c98e3f&ts=87&x=0"
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Apr 2022 05:58:18 GMT
vary
Accept-Encoding
x-visitor-country
DE
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=10800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f556ceee950d2e3-FRA
access-control-allow-origin
*
server
cloudflare
standard.publisher.config.min.js
lib.wtg-ads.com/publisher/nuschool.eu/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib.wtg-ads.com/publisher/nuschool.eu/standard.publisher.config.min.js
Requested by
Host: lib.wtg-ads.com
URL: https://lib.wtg-ads.com/lib.single.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1ff20955e909485b3ada605b3c7965a364f3eb99c04fb5930020a22527c1fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

access-control-max-age
1728000
content-encoding
br
cf-cache-status
HIT
etag
W/"65856a9d-75a6"
age
110112
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rdm%2F1jwkor%2FCwRj108eyoAH2tixcrnsXT2HFBDsHxeqYWNoKiKywRVYBFtIr2bub2CVeNC5fp9pJVOKwKrYmg%2B9DbWHUnQzVz4iO5azQPTWk5KfsWkeHXSiJcAscwVNkFsqbrRQNrx4cFu8NxA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
expires
Fri, 20 Dec 2024 01:45:41 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=20204&min_rtt=8022&rtt_var=5186&sent=57&recv=36&lost=0&retrans=0&sent_bytes=53185&recv_bytes=2428&delivery_rate=1792674&cwnd=256&unsent_bytes=0&cid=4bd9da5ff5c98e3f&ts=119&x=0"
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 22 Dec 2023 10:53:17 GMT
vary
Accept-Encoding
x-visitor-country
DE
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=10800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f556cef1983d2e3-FRA
access-control-allow-origin
*
server
cloudflare
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=nuschool.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2062463022593482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ceeafaec5b661006b327b144f97ee753bc301c0e2e62a53323d9d97ac7776bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
br
etag
7112691729393595577
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147951
x-xss-protection
0
server
cafe
Roboto.woff2
nuschool.eu/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nuschool.eu/fonts/Roboto.woff2
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/css/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
195.230.22.7 , Bulgaria, ASN201133 (Verdina Verdina Ltd., BZ),
Reverse DNS
blue.warez-host.com
Software
LiteSpeed /
Resource Hash
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://nuschool.eu/css/style.min.css

Response headers

cache-control
max-age=3600
expires
Sat, 28 Dec 2024 05:20:52 GMT
accept-ranges
bytes
content-length
28036
date
Sat, 21 Dec 2024 05:20:52 GMT
content-type
font/woff2
last-modified
Tue, 13 Feb 2024 17:25:29 GMT
server
LiteSpeed
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bedc6cc225844195373911c5d0a2d7175248a110fac9949875e428d3dc6aa4d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"67584c49-6512"
expires
Sat, 21 Dec 2024 06:20:53 GMT
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 14:12:25 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
jsunit
a4p.adpartner.pro/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=11048&ref=&0.49889575276932163
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash
313cfc8b8318a24c16e977b8121631f3a20e37ffeead3c64e764c2d3b24a0dc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
no-store no-transform
content-encoding
br
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
server
nginx
jsunit
a4p.adpartner.pro/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=11047&ref=&0.8760010648672913
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash
852ef58d53ee4e0c5fc9f2523a9bb19c560e8b95ea0daaa048fecfe33103ef9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
no-store no-transform
content-encoding
br
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
server
nginx
cse_element__uk.js
www.google.com/cse/static/element/8fa85d58e016b414/ 		290 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__uk.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
sffe /
Resource Hash
972696ea09a3ff62cb3eab62a5ef39be38a86ad35bdf9572a3a197aaee234702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
96468
x-xss-protection
0
server
sffe
default+uk.css
www.google.com/cse/static/element/8fa85d58e016b414/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/8fa85d58e016b414/default+uk.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
sffe /
Resource Hash
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 21:33:21 GMT
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
9068
x-xss-protection
0
server
sffe
espresso.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/espresso.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=010607684231973573011:mknhdkp5vrc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
sffe /
Resource Hash
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
age
830
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:57:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:07:03 GMT
last-modified
Mon, 25 May 2020 08:30:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1538
x-xss-protection
0
server
sffe
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M6HD13GBES&gtm=45je4cc1v9173111191za200&_p=1734758453733&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=28914772.1734758454&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734758453&sct=1&seg=0&dl=https%3A%2F%2Fnuschool.eu%2Freader%2F&dt=%D0%A5%D1%80%D0%B5%D1%81%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%96%D1%8F%20-%20%D0%9D%D0%BE%D0%B2%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=631
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M6HD13GBES
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nuschool.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/plain
server
Golfe2
ca-pub-2062463022593482
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2062463022593482?href=https%3A%2F%2Fnuschool.eu%2Freader&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2062463022593482&plah=nuschool.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1096d047b6e301e5a526bd46612c041e040fdf8f6e97965ec9b28c3913befec6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IwZt2wx6A0jhFqZqCAz7bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw0pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwbF0wczebQMfUmUeYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAG4_RPk"
content-security-policy
script-src 'report-sample' 'nonce-IwZt2wx6A0jhFqZqCAz7bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
impress
ad.vidverto.io/delivery/ 		58 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=nuschool.eu&pzoneid=10740&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=nuschool.eu&top_url=https%3A%2F%2Fnuschool.eu%2Freader%2F&domain=nuschool.eu&url=https%3A%2F%2Fnuschool.eu%2Freader%2F&referrer=&async=1&uid=4620663688&gdpr=0&gdpr_consent=&uuid=5df15268-8df9-45ea-9d50-1d2507d06cd7
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4c04bef5bbf9e244f3cb249302fa961c31fa50d340f5c46a716c99bd14545982

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
x-user-uuid
5df15268-8df9-45ea-9d50-1d2507d06cd7
access-control-allow-origin
https://nuschool.eu
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
tt
a4p.adpartner.pro/ Frame 1D81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&location=https%3A%2F%2Fnuschool.eu%2Freader%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=11047&ref=&0.8760010648672913
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store no-transform
date
Sat, 21 Dec 2024 05:20:54 GMT
server
nginx
ls
a4p.adpartner.pro/jsunit/ Frame BDE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=11047&unit_id=11047&shown=&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&width=250&screen_width=1600&reload_count=0&banner_num=1734758453849439535&is_in_viewport=0&ref=&location=https%3A%2F%2Fnuschool.eu%2Freader%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=11047&ref=&0.8760010648672913
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 21 Dec 2024 05:20:54 GMT
server
nginx
ls
a4p.adpartner.pro/jsunit/ Frame 6B91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=11048&unit_id=11048&shown=&session_pageview=1&session_id=2ad1478e-845a-4b4f-a863-e34f17745168&site_visited=1&apuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&width=1250&screen_width=1600&reload_count=0&banner_num=1734758453849488075&is_in_viewport=0&ref=&location=https%3A%2F%2Fnuschool.eu%2Freader%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=11048&ref=&0.49889575276932163
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 21 Dec 2024 05:20:54 GMT
server
nginx
async-ads.js
cse.google.com/adsense/search/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/cse_element__uk.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
599d6ae1d19bf8a57937d4b5d8f86958b903ddfd5c51b10a8ccab82423091ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
etag
"980021774488486668"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/8fa85d58e016b414/default+uk.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.google.com/cse/static/element/8fa85d58e016b414/default+uk.css

Response headers

age
53340
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 14:31:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 14:31:53 GMT
last-modified
Mon, 25 May 2020 08:30:00 GMT
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
content-length
1018
x-xss-protection
0
server
sffe
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 21 Dec 2024 05:20:54 GMT
cross-origin-resource-policy
cross-origin
/
onetag-sys.com/usync/ Frame 190F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
vidvertoplayer_test.js
ad.vidverto.io/vidverto/player/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3662f85134bcc90f554f3ebcbece0418b7a2ecb6b47c12f926e7fe71a88200f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"667ae2a3-15285"
expires
Sat, 21 Dec 2024 06:20:53 GMT
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript
last-modified
Tue, 25 Jun 2024 15:30:43 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		424 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18672b5810471e074cd401d06e7cb28d4e9ed527f30d1f044a7edf5c33d3e85c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:54 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148092
date
Sat, 21 Dec 2024 05:20:54 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"5ee0f3c3-1389"
expires
Sat, 21 Dec 2024 06:20:53 GMT
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		61 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js?correlator=c64c179eea3d81f1e89f538fcaf51f53
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a3625ca28eed364415c0e5d8ec730d208ee638cc873942bf58761946cf6c524

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"668525c8-f45b"
expires
Sat, 21 Dec 2024 06:20:53 GMT
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript
last-modified
Wed, 03 Jul 2024 10:19:52 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
ima.min.js
ad.vidverto.io/js/ima2/2/ 		93 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=c64c179eea3d81f1e89f538fcaf51f53
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3322e70105d98644daded0005e1ca3ccb2977a29d09178c377b21c7ca5dec070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"675af3df-17468"
expires
Sat, 21 Dec 2024 06:20:53 GMT
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
application/javascript
last-modified
Thu, 12 Dec 2024 14:31:59 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
geo.js
get.geojs.io/v1/ip/ 		325 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3373bd859f38f132514dea9b7330c22728ae2ec996be68c6011c2109cb6b42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

x-request-id
2a114375a4145146b1d14fbdbfc29df3-ASH
content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpJDJTwtDJZYAv9cDHGyqgtFvkNFFbC%2BXkHqDSr2DCO0b8N866MrbmW%2BfbQHKbVARd%2B1SWwiRkauMI8yEjzTSSk%2BSFHxdcieB7uXj66%2BzMaj3OmCZNC8idsjvezBkA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22518&min_rtt=20834&rtt_var=5254&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4297&recv_bytes=4359&delivery_rate=529&cwnd=12000&unsent_bytes=0&cid=2e1d9b8aa47ae7c8&ts=134&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8f556cf19b8d30f6-FRA
access-control-allow-origin
*
geojs-backend
ash-01
server
cloudflare
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
date
Sat, 21 Dec 2024 05:20:53 GMT
etag
W/"5fac1711-a0a"
content-type
text/css
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=604800, public, max-age=604800
etag
"5ee0f3c3-384"
expires
Sat, 28 Dec 2024 05:20:53 GMT
accept-ranges
bytes
content-length
900
date
Sat, 21 Dec 2024 05:20:53 GMT
content-type
image/png
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
AGSKWxV4QUcjQn7RYN2YVmJAEvRUI4ZdHK-fSCaThpXwgnKeAgs8WjnzRGLqgfIj8yZyBrqTZ7prPAbcjvs5k36l5R6G4zIHwge4D5HxNTzcLsHKYCt7kcWeABjwEmz-hO98MvuRXiKK
fundingchoicesmessages.google.com/f/ 		434 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV4QUcjQn7RYN2YVmJAEvRUI4ZdHK-fSCaThpXwgnKeAgs8WjnzRGLqgfIj8yZyBrqTZ7prPAbcjvs5k36l5R6G4zIHwge4D5HxNTzcLsHKYCt7kcWeABjwEmz-hO98MvuRXiKK?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM0NzU4NDU0LDM1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL251c2Nob29sLmV1L3JlYWRlci8iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODgyNDddLG51bGwsMTRdIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
531125f7058b018883f61f1c868065125000210f167bcaca4c3df6a9b46e3d15
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PKwJUqzAgOVnka3KrSqHrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzbFswczebwIEPDUZKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYAOq1E6A"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PKwJUqzAgOVnka3KrSqHrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		114 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyINW46jW7ouPN67RhawIvMEnwG5g/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 21 Dec 2024 05:20:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://nuschool.eu/

Response headers

age
348070
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 04:39:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 04:39:44 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://nuschool.eu/

Response headers

age
61822
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Dec 2025 12:10:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 12:10:32 GMT
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9832
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://nuschool.eu/

Response headers

age
331597
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:14:17 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxX3BeeRuoxKfkyEEHUsD6mGb4yRl-Zow4gTqliKPHptKPqDvfSn1Ik5T5aH30sVcqPfWeAv_MGDh5W3zFjw16fYXLJ8qhxt0mp4UyaxsnUjt6XVvR-7ukvsgw7q_dAq73YyfHnS
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX3BeeRuoxKfkyEEHUsD6mGb4yRl-Zow4gTqliKPHptKPqDvfSn1Ik5T5aH30sVcqPfWeAv_MGDh5W3zFjw16fYXLJ8qhxt0mp4UyaxsnUjt6XVvR-7ukvsgw7q_dAq73YyfHnS
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-amaH9_rCjz9kfQsf9Dl4RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nuschool.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj24KZu9kEFuxY2M2o5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMANdYKmQ"
content-security-policy
script-src 'report-sample' 'nonce-amaH9_rCjz9kfQsf9Dl4RA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://nuschool.eu
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX3BeeRuoxKfkyEEHUsD6mGb4yRl-Zow4gTqliKPHptKPqDvfSn1Ik5T5aH30sVcqPfWeAv_MGDh5W3zFjw16fYXLJ8qhxt0mp4UyaxsnUjt6XVvR-7ukvsgw7q_dAq73YyfHnS
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX3BeeRuoxKfkyEEHUsD6mGb4yRl-Zow4gTqliKPHptKPqDvfSn1Ik5T5aH30sVcqPfWeAv_MGDh5W3zFjw16fYXLJ8qhxt0mp4UyaxsnUjt6XVvR-7ukvsgw7q_dAq73YyfHnS
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMzkPlmXMdz6RLQ_dRl3-hkVXABtIw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iw628bFee3pbjsfJI58bTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nuschool.eu/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoCxB_qL7P-AGKGr1dYOYBYiIdj24KZu9kEHrxa2s2o5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMjQyN9AzM4gsMAPjQKtg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iw628bFee3pbjsfJI58bTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://nuschool.eu
content-length
0
x-xss-protection
0
server
ESF
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		417 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fnuschool.eu%2Freader%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c71749e09db490f6f98af9c717e225ccd7c29d7bf622a42727646e2e701664e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
122
date
Sat, 21 Dec 2024 05:20:54 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1705819415
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
max-age=3600, public, max-age=3600
content-encoding
gzip
etag
W/"653fe9e1-1bee3"
expires
Sat, 21 Dec 2024 06:20:54 GMT
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
application/javascript
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
date
Sat, 21 Dec 2024 05:20:54 GMT
etag
W/"603c1a08-f52f"
content-type
text/css
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
bridge3.679.0_en.html
imasdk.googleapis.com/js/core/ Frame 77BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
170531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257815
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Dec 2024 05:58:43 GMT
expires
Fri, 19 Dec 2025 05:58:43 GMT
last-modified
Wed, 11 Dec 2024 19:09:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:54 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
16746
date
Sat, 21 Dec 2024 05:20:54 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E075 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1652
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:53:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 04:53:22 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
video
ad.vidverto.io/delivery/rtb/ 		0
0
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		43 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

ETag
"6254023c-a36930"
Connection
keep-alive
Content-Range
bytes 0-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
10709296
Date
Sat, 21 Dec 2024 05:20:54 GMT
Content-Type
video/mp4
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Server
nginx/1.14.0 (Ubuntu)
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (giveme-cloud GIVEME CLOUD SP Z O O, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
Date
Sat, 21 Dec 2024 05:20:54 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
s.uuidksinc.net/match/798/ 		74 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/798/uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.155 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-length
74
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
image/png
server
nginx/1.23.2
bfe8b61f-25d6-4f4d-ae1d-39daaf006543
go.rcvlink.com/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/mtch/31/bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 Cologne, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

hn
b17
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
image/gif
server
nginx
pix
dsp-trk.eskimi.com/ 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.42.63.49 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

Content-Length
43
Date
Sat, 21 Dec 2024 05:20:54 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
icm.gif
server.smartytech.io/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://server.smartytech.io/icm.gif?uid={user_id}
  • https://server.smartytech.io/icm.gif?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.smartytech.io/icm.gif?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Server
146.59.69.183 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ngx-pl-01.greencuttlefish.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
date
Sat, 21 Dec 2024 05:20:54 GMT
pragma
no-cache
content-type
image/gif
last-modified
Sat, 21 Dec 2024 05:20:54 GMT
server
nginx

Redirect headers

cache-control
no-store no-transform
location
https://server.smartytech.io/icm.gif?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
content-length
143
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/html; charset=utf-8
server
nginx
icm
bidder.smartytouch.co/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://bidder.smartytouch.co/icm?uid={user_id}
  • https://bidder.smartytouch.co/icm?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bidder.smartytouch.co/icm?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
pragma
no-cache
expires
Wed, 11 Nov 1998 11:11:11 GMT
content-length
43
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
image/gif
last-modified
Sat, 21 Dec 2024 05:20:54 GMT
server
nginx

Redirect headers

cache-control
no-store no-transform
location
https://bidder.smartytouch.co/icm?uid=bfe8b61f-25d6-4f4d-ae1d-39daaf006543
content-length
140
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/html; charset=utf-8
server
nginx
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Server
116.202.167.155 Nuremberg, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.155.167.202.116.clients.your-server.de
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

keep-alive
timeout=25
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
43
p3p
CP="NID DSP ALL COR"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-xss-protection
0
content-type
image/gif
server
nginx

Redirect headers

cache-control
no-store no-transform
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
content-length
146
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
text/html; charset=utf-8
server
nginx
cms
ups.analytics.yahoo.com/ups/58679/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D283%26mapped%3D%7Buser_id%7D%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=283&mapped=bfe8b61f-25d6-4f4d-ae1d-39daaf006543&gdpr=0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=67a8d32b13f22684081b3d7b87d2aa2b&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 21 Dec 2024 05:20:55 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
content-length
257
date
Sat, 21 Dec 2024 05:20:55 GMT
content-type
text/html
content-language
en
server
ATS
if
a4p.adpartner.pro/tracker/ Frame 717E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22bfe8b61f-25d6-4f4d-ae1d-39daaf006543%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A3267479%2C%22cost%22%3A0.000120056%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22e5db9167-219e-4b23-81ee-259982b32a16%22%7D%2C%7B%22ad_id%22%3A1531799%2C%22cost%22%3A0.00011675%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%228420427f-26a6-4aac-900f-2dd16248d62e%22%7D%2C%7B%22ad_id%22%3A3291596%2C%22cost%22%3A0.0000567574%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ac41c166-2fd5-4880-bb72-fd72f489a690%22%7D%2C%7B%22ad_id%22%3A2713922%2C%22cost%22%3A0.0000557143%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22089d9852-2cad-4e96-8eb0-a53a13a2388e%22%7D%5D%2C%22unit_id%22%3A11048%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnuschool.eu%252Freader%252F%22%7D
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 21 Dec 2024 05:20:54 GMT
expires
0
pragma
no-cache
server
nginx
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://ad.vidverto.io/

Response headers

age
222083
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 18 Dec 2025 15:39:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 15:39:31 GMT
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18684
x-xss-protection
0
server
sffe
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nuschool.eu
Referer
https://ad.vidverto.io/

Response headers

age
331859
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 09:09:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 09:09:55 GMT
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18956
x-xss-protection
0
server
sffe
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

accept-ranges
bytes
content-length
414
date
Sat, 21 Dec 2024 05:20:54 GMT
etag
"62729019-19e"
content-type
image/svg+xml
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
3267479.webp
img.smartytouch.co/3267/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.smartytouch.co/3267/3267479.webp
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
35fc6911f4c93b754ab7095c8ce04de8cfd8d1a03ebe4818b1c9d1626ff693bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cdn-status
200
accept-ranges
bytes
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"ff5a12c356ab9293e9d34bca1f099c4f"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Wed, 07 Aug 2024 08:45:05 GMT
cdn-cachedat
12/20/2024 11:59:03
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=1200
cdn-requestpullsuccess
True
x-amz-meta-s3cmd-attrs
atime:1721746372/ctime:1676647408/gid:33/gname:www-data/md5:ff5a12c356ab9293e9d34bca1f099c4f/mode:33188/mtime:1676646856/uid:33/uname:www-data
cdn-uid
8b3a498e-cf8b-4526-96a0-fd08877fa36d
cdn-requestid
5db36b82ee014d4098a43cba64129cc5
cdn-pullzone
2470100
cdn-proxyver
1.06
x-amz-request-id
tx000009e4f2591431cbe7c-0067655c07-120323ee6-fra1b
cdn-requesttime
1
access-control-allow-origin
*
content-length
18186
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
1531799.webp
img.smartytouch.co/1531/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.smartytouch.co/1531/1531799.webp
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
0267cec3d024fdb79dc4f4eaad158cf0d721177e3d8b975bcb8aa31ab90738ec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cdn-status
200
accept-ranges
bytes
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"0d5ec2da4484e1395e4ec022af8ed696"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Sat, 03 Aug 2024 21:53:40 GMT
cdn-cachedat
12/08/2024 23:45:43
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=1200
cdn-requestpullsuccess
True
x-amz-meta-s3cmd-attrs
atime:1721463333/ctime:1668876484/gid:0/gname:root/md5:0d5ec2da4484e1395e4ec022af8ed696/mode:33188/mtime:1668876484/uid:0/uname:root
cdn-uid
8b3a498e-cf8b-4526-96a0-fd08877fa36d
cdn-requestid
ca18ad7d962dd5baf08fac24da6bf3df
cdn-pullzone
2470100
cdn-proxyver
1.06
x-amz-request-id
tx00000f563aeb6713bb218-0067562fa7-11ce78a3b-fra1b
cdn-requesttime
2
access-control-allow-origin
*
content-length
34028
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
3291596.webp
img.smartytouch.co/3291/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.smartytouch.co/3291/3291596.webp
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
fa871df4d3b9f6eb8ec95ff354eea24bbfc58e38cfe53fb150b462b02fc608eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cdn-status
200
accept-ranges
bytes
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"8585a28f46fcb985a67bb568a56ad7c5"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Fri, 09 Aug 2024 00:35:44 GMT
cdn-cachedat
12/11/2024 17:16:48
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=1200
cdn-requestpullsuccess
True
x-amz-meta-s3cmd-attrs
atime:1721749710/ctime:1685617446/gid:33/gname:www-data/md5:8585a28f46fcb985a67bb568a56ad7c5/mode:33188/mtime:1685616937/uid:33/uname:www-data
cdn-uid
8b3a498e-cf8b-4526-96a0-fd08877fa36d
cdn-requestid
32411779cd1209772a910aae83f8cdce
cdn-pullzone
2470100
cdn-proxyver
1.06
x-amz-request-id
tx00000824ab7dde5b1cfb6-006759c900-11d59fd15-fra1b
cdn-requesttime
3
access-control-allow-origin
*
content-length
16932
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
2713922.webp
img.smartytouch.co/2713/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.smartytouch.co/2713/2713922.webp
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
6fa874e0cf483d58a971c8f8d6ea32e79497f153251557449c37409ddc7e7455
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cdn-status
200
accept-ranges
bytes
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"575eedea433b15e4b0583dfec139de0b"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Sun, 04 Aug 2024 02:41:33 GMT
cdn-cachedat
12/04/2024 18:52:47
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=1200
cdn-requestpullsuccess
True
x-amz-meta-s3cmd-attrs
atime:1721675591/ctime:1669205458/gid:0/gname:root/md5:575eedea433b15e4b0583dfec139de0b/mode:33188/mtime:1669205458/uid:0/uname:root
cdn-uid
8b3a498e-cf8b-4526-96a0-fd08877fa36d
cdn-requestid
3f1202175fbd11cd3af97dedfcde9f33
cdn-pullzone
2470100
cdn-proxyver
1.06
x-amz-request-id
tx000004238b29127c51b6f-006750a4ff-11b72d528-fra1b
cdn-requesttime
2
access-control-allow-origin
*
content-length
21282
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

ETag
"6254023c-a36930"
Connection
keep-alive
Content-Range
bytes 0-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
10709296
Date
Sat, 21 Dec 2024 05:20:54 GMT
Content-Type
video/mp4
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Server
nginx/1.14.0 (Ubuntu)
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		417 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fnuschool.eu%2Freader%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c71749e09db490f6f98af9c717e225ccd7c29d7bf622a42727646e2e701664e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:20:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
122
date
Sat, 21 Dec 2024 05:20:54 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
bridge3.679.0_de.html
imasdk.googleapis.com/js/core/ Frame 6566 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.679.0_de.html?gdpr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
253073
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
258021
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 07:03:01 GMT
expires
Thu, 18 Dec 2025 07:03:01 GMT
last-modified
Wed, 11 Dec 2024 19:09:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FCF9 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1652
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:53:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 04:53:22 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		122 KB
123 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6506c0dc5562e700c43a7b6b515b845af0a9421e3fe1486bf60af03fa67b7dc8

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=10584064-

Response headers

ETag
"6254023c-a36930"
Connection
keep-alive
Content-Range
bytes 10584064-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
125232
Date
Sat, 21 Dec 2024 05:20:54 GMT
Content-Type
video/mp4
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Server
nginx/1.14.0 (Ubuntu)
if
a4p.adpartner.pro/tracker/ Frame CD66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22bfe8b61f-25d6-4f4d-ae1d-39daaf006543%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A3267479%2C%22cost%22%3A0.000135817%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2265e8b3f9-9c5d-4063-a58e-c44e5c849b21%22%7D%2C%7B%22ad_id%22%3A1531799%2C%22cost%22%3A0.000132077%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2263f19774-440a-4bc7-b0c3-391bb63e56d5%22%7D%2C%7B%22ad_id%22%3A3291596%2C%22cost%22%3A0.0000642086%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%226c667023-0348-4cf7-9bfd-a49ec0404f65%22%7D%2C%7B%22ad_id%22%3A2713922%2C%22cost%22%3A0.0000630285%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22b03a1104-12fb-480d-b540-109e4bdccdc6%22%7D%5D%2C%22unit_id%22%3A11047%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnuschool.eu%252Freader%252F%22%7D
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.220.94 , Poland, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
app-ngx-pl-03.radius.technology
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 21 Dec 2024 05:20:54 GMT
expires
0
pragma
no-cache
server
nginx
3267479_169.webp
img.smartytouch.co/3267/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.smartytouch.co/3267/3267479_169.webp
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
6b02aa745df6a19c983a1f667635abc28bbf7197a2c590913207992f0b3af065
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

cdn-status
200
accept-ranges
bytes
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"126e2912e4bb3383fba561200ee5b429"
date
Sat, 21 Dec 2024 05:20:54 GMT
x-rgw-object-type
Normal
content-type
image/webp
last-modified
Wed, 07 Aug 2024 08:45:56 GMT
cdn-cachedat
12/04/2024 09:43:43
cdn-cache
REVALIDATED
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=1200
cdn-requestpullsuccess
True
x-amz-meta-s3cmd-attrs
atime:1721746397/ctime:1676647408/gid:33/gname:www-data/md5:126e2912e4bb3383fba561200ee5b429/mode:33188/mtime:1676646856/uid:33/uname:www-data
cdn-uid
8b3a498e-cf8b-4526-96a0-fd08877fa36d
cdn-requestid
313bb9d85314dc7891ae94f023d4ee8f
cdn-pullzone
2470100
cdn-proxyver
1.06
x-amz-request-id
tx00000500e7fb30f8adb74-006750244f-11b5792f0-fra1b
cdn-requesttime
1
access-control-allow-origin
*
content-length
15014
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
DE
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		0
0
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Requested by
Host: nuschool.eu
URL: https://nuschool.eu/reader/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

ETag
"6254023c-a36930"
Content-Range
bytes 32768-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
10676528
Date
Sat, 21 Dec 2024 05:20:55 GMT
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Content-Type
video/mp4
Server
nginx/1.14.0 (Ubuntu)
bridge3.679.0_en.html
imasdk.googleapis.com/js/core/ Frame 8F43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.679.0_en.html?gdpr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nuschool.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
170531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
257815
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Dec 2024 05:58:43 GMT
expires
Fri, 19 Dec 2025 05:58:43 GMT
last-modified
Wed, 11 Dec 2024 19:09:08 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B2C4 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
1652
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 05:53:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 04:53:22 GMT
last-modified
Tue, 19 Nov 2024 15:43:57 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges
bytes
content-length
15725
x-xss-protection
0
server
sffe
favicon.ico
nuschool.eu/ 		373 B
474 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nuschool.eu/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
195.230.22.7 , Bulgaria, ASN201133 (Verdina Verdina Ltd., BZ),
Reverse DNS
blue.warez-host.com
Software
LiteSpeed /
Resource Hash
3c6bf9a519bdf558bb19998d6a3d8165d275da7adcb927bcea8c3a89d0853296

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/reader/

Response headers

cache-control
max-age=3600
expires
Sat, 28 Dec 2024 05:20:54 GMT
accept-ranges
bytes
content-length
373
date
Sat, 21 Dec 2024 05:20:54 GMT
content-type
image/x-icon
last-modified
Tue, 13 Feb 2024 17:25:22 GMT
server
LiteSpeed
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=294912-

Response headers

ETag
"6254023c-a36930"
Content-Range
bytes 294912-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
10414384
Date
Sat, 21 Dec 2024 05:20:55 GMT
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Content-Type
video/mp4
Server
nginx/1.14.0 (Ubuntu)
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M6HD13GBES&gtm=45je4cc1v9173111191za200&_p=1734758453733&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=28914772.1734758454&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEE&sid=1734758453&sct=1&seg=0&dl=https%3A%2F%2Fnuschool.eu%2Freader%2F&dt=%D0%A5%D1%80%D0%B5%D1%81%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D1%96%D1%8F%20-%20%D0%9D%D0%BE%D0%B2%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%88%D0%BA%D0%BE%D0%BB%D0%B0&_s=2&tfd=6189
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M6HD13GBES
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nuschool.eu/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nuschool.eu
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Dec 2024 05:20:59 GMT
content-type
text/plain
server
Golfe2
O%2F0a1vh8%2BRDCBwJcdZmHcdsOHo8VUvYQkNQRfENGia0Wzcrf0C8FKQVx%2FRq1E%2BInYNCwAJy3VaVRJPHuZBeprTQBd70trq5sdKeVbUkIs8mPzjN1Nu06q809NBc16vY1rUcR%2FBsECAkbYZxUgwbZFrz5NjNsN2VrZNzzYGW6fRDrUb80%2BzIpWblvZ...
ad.vidverto.io/delivery/v2/content/tracking/progress/2393/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/2393/O%2F0a1vh8%2BRDCBwJcdZmHcdsOHo8VUvYQkNQRfENGia0Wzcrf0C8FKQVx%2FRq1E%2BInYNCwAJy3VaVRJPHuZBeprTQBd70trq5sdKeVbUkIs8mPzjN1Nu06q809NBc16vY1rUcR%2FBsECAkbYZxUgwbZFrz5NjNsN2VrZNzzYGW6fRDrUb80%2BzIpWblvZg0tecoY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nuschool.eu/

Response headers

content-encoding
gzip
date
Sat, 21 Dec 2024 05:20:59 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
480_650.mp4
cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.91 Naaldwijk, Netherlands, ASN49981 (WorldStream WorldStream B.V., NL),
Reverse DNS
185-180-223-91.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://nuschool.eu/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=3541829-

Response headers

ETag
"6254023c-a36930"
Content-Range
bytes 3541829-10709295/10709296
Access-Control-Allow-Origin
*
Content-Length
7167467
Date
Sat, 21 Dec 2024 05:20:55 GMT
Last-Modified
Mon, 11 Apr 2022 10:26:04 GMT
Content-Type
video/mp4
Server
nginx/1.14.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.vidverto.io
URL
https://ad.vidverto.io/delivery/rtb/video?data=%2FZo4CnLimtNj%2BX%2FwbnpAqCiZ%2FnDjVmDQWzqt%2FSq%2BJN9KzKez%2BcIKHneG6G4kVrZWD%2BncvBJRlnG93NlaZ%2F%2BEBmApBXbcj5EvDWRWAznC3XUIiFoVJczrv38VpF%2FqzawF2HfFgIr1T2vbl1jhv2z6D%2BMcYKwBWgJuYBbtejHonKNVR9kI3yyEZTNOymU3KY9yh5t9EfvDA%2BitF5b2d88zI%2Bc%2FUIpQi%2F%2FPl28V2Y8fV4cU%2B3zB%2FGPQLJxzBy11UWIs4v0iyZ%2BHKWcUIz1COWEnd90FVskoXty5HzucnPy8XSzBW%2BtsU%2FoUJhSaEIixmbMjOT5vZh9AEZf5kJyHfHpRabLPTuRkwRd3WyxJkiog1plGE%2BxIqo4t8INIiyHX0M4n1Lei%2BsBdRunXgWynzTHMPqLNolSoqSBUm7r8rqGYptOvyO%2BrYiyPK3c1hwLVk5Df%2BF5CLCabJq52VXJL4ndosQWZDrvZfR6RXWlWTrrmZ1PLMxm7JXPjPQAr5WJ39euz7uEUSXQyijVtkzV5x1sjodJSrwHcTiEohjtKbk1YQ7ha8axSDguD9rkpBsXiBtNrzympBvxfV46aRDNElUd0zz5T6i%2FNQd%2FdokrpjwEJtxgk6pztTZ0%2B7QVnVbarOXkrz92ilvWX9o80w6CbzUmgLA%3D%3D
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/pGlrS6iGdh0p1-nYTP9lsQ:1734762053/1109/video/2393/480_650.mp4

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| __core-js_shared__ object| adsVignette object| googletag number| w2gLoaded object| lazyAds function| generateHash function| w2gTcf2 function| setRunAdsEvent object| w2g object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| stylingFix object| stylingFixContents object| conf object| reloadAds object| pbjs object| wtgAllConfigAdunitsReload object| aries object| head object| script function| gtag object| dataLayer object| google_tag_manager object| __gcse function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate boolean| vidverto object| regeneratorRuntime object| aries_registry object| MainFuncInterface object| loadedBanners object| div object| x function| getApuID object| APC object| functionCallbacks boolean| apuidExists function| waitForApuID object| RtbVastBanner object| CustomVast1734758453849439500 object| shownAds11047 object| initRtb1734758453849439535 object| result string| key string| apuid boolean| initVisitTime object| logVisitTime number| sessionPageview object| sessionData object| CustomVast1734758453849488100 object| shownAds11048 object| initRtb1734758453849488075 object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId string| mox_uuid function| geoip function| inView object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| M2I2MTllMmY5YzkzOWFjbG9hZGVyX2pz string| M2I2MTllMmY5YzkzOWFjY2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| VidvertoPlayer function| VASTClient number| googleNDT_ number| googleAltLoader function| IMA object| _aries object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| vidvertoPromiseCache object| closure_lm_192434 object| inViewWindow object| banner11048_1734758453849488075 object| banner1734758453849488075 function| VidvertoPlayerVideoPlaylistUI object| closure_lm_698069 object| closure_lm_571309 object| banner11047_1734758453849439535 object| banner1734758453849439535

22 Cookies

Domain/Path Name / Value
.nuschool.eu/ Name: _ga
Value: GA1.1.28914772.1734758454
nuschool.eu/ Name: lapuid
Value: bfe8b61f-25d6-4f4d-ae1d-39daaf006543
nuschool.eu/ Name: session_id
Value: 2ad1478e-845a-4b4f-a863-e34f17745168
nuschool.eu/ Name: session_pageview
Value: 1734758454.1
nuschool.eu/ Name: site_visited
Value: 1734844854.1
ad.vidverto.io/ Name: _mwayss_zone_imp[10740][count]
Value: 1
ad.vidverto.io/ Name: _mwayss_zone_imp[10740][frequencyPeriodEnd]
Value: 1734844853
ad.vidverto.io/ Name: _mwayss_zone_imp[10740][lastShow]
Value: 1734758453
a4p.adpartner.pro/ Name: nuschool.eu_ref
Value:
a4p.adpartner.pro/ Name: apuid
Value: bfe8b61f-25d6-4f4d-ae1d-39daaf006543
a4p.adpartner.pro/ Name: apudmg
Value: 1
.eskimi.com/ Name: __eConsent
Value: 1
.trafmag.com/ Name: vid
Value: 2709649997515430
.uuidksinc.net/ Name: jcsuuid
Value: ae7ISdJ2yvoZBnwt5U2Y
.nuschool.eu/ Name: _ga_M6HD13GBES
Value: GS1.1.1734758453.1.0.1734758454.0.0.0
.admixer.net/ Name: am-uid
Value: 27171c091b2f4feaa1dbea42cd06a1e5
server.smartytech.io/ Name: uid
Value: bfe8b61f-25d6-4f4d-ae1d-39daaf006543
.onaudience.com/ Name: cookie
Value: 31cb2cacd4cf50da
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "67a8d32b13f22684081b3d7b87d2aa2b"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHMPNEixdgoydA4zcjIzMLEwMIwyTjFPMnCPMUoMdEoaXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IhfXxUUpaQyLSopPBZ%252F8fBUAimQq6g%253D%253D"
.onaudience.com/ Name: done_redirects252
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
ad.vidverto.io
bidder.smartytouch.co
cdn.vidverto.io
clients1.google.com
cms.analytics.yahoo.com
cse.google.com
dsp-trk.eskimi.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.geojs.io
go.rcvlink.com
imasdk.googleapis.com
img.smartytouch.co
inv-nets.admixer.net
lib.wtg-ads.com
loada.exelator.com
nuschool.eu
onetag-sys.com
pagead2.googlesyndication.com
pixel.onaudience.com
region1.google-analytics.com
s.uuidksinc.net
s0.2mdn.net
securepubads.g.doubleclick.net
server.smartytech.io
t.trafmag.com
ups.analytics.yahoo.com
www.google.com
www.googletagmanager.com
ad.vidverto.io
cdn.vidverto.io
116.202.167.155
136.243.84.74
142.250.185.132
142.250.185.98
142.250.186.130
142.250.186.35
146.59.69.183
148.113.153.93
172.67.70.233
185.180.220.208
185.180.223.91
188.42.63.49
193.200.65.5
195.230.22.7
2001:4860:4802:32::36
216.58.206.46
2400:52e0:1e00::1081:1
2606:4700:20::681a:f0a
2a00:1288:80:807::2
2a00:1450:4001:803::2008
2a00:1450:4001:806::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
31.220.27.155
51.83.220.94
51.89.9.252
54.78.254.47
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0267cec3d024fdb79dc4f4eaad158cf0d721177e3d8b975bcb8aa31ab90738ec
1096d047b6e301e5a526bd46612c041e040fdf8f6e97965ec9b28c3913befec6
18672b5810471e074cd401d06e7cb28d4e9ed527f30d1f044a7edf5c33d3e85c
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1c3373bd859f38f132514dea9b7330c22728ae2ec996be68c6011c2109cb6b42
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
313cfc8b8318a24c16e977b8121631f3a20e37ffeead3c64e764c2d3b24a0dc2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3322e70105d98644daded0005e1ca3ccb2977a29d09178c377b21c7ca5dec070
35fc6911f4c93b754ab7095c8ce04de8cfd8d1a03ebe4818b1c9d1626ff693bd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c6bf9a519bdf558bb19998d6a3d8165d275da7adcb927bcea8c3a89d0853296
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4c04bef5bbf9e244f3cb249302fa961c31fa50d340f5c46a716c99bd14545982
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
531125f7058b018883f61f1c868065125000210f167bcaca4c3df6a9b46e3d15
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
57d4944ce0cbe8e3daba4cb5fcd014b2bf5d4e1d06a2bc6c24bab30eabf3109e
599d6ae1d19bf8a57937d4b5d8f86958b903ddfd5c51b10a8ccab82423091ac1
5a1ff20955e909485b3ada605b3c7965a364f3eb99c04fb5930020a22527c1fb
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6506c0dc5562e700c43a7b6b515b845af0a9421e3fe1486bf60af03fa67b7dc8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b02aa745df6a19c983a1f667635abc28bbf7197a2c590913207992f0b3af065
6fa874e0cf483d58a971c8f8d6ea32e79497f153251557449c37409ddc7e7455
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79079035ef85018e365005353caff57c4797c437cb07f6460e77bf6477cd3805
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a3625ca28eed364415c0e5d8ec730d208ee638cc873942bf58761946cf6c524
821334f705e21f9325dd5c15f3d2a3c6d8723e66f15de5ad453ae2c3d746d05e
852ef58d53ee4e0c5fc9f2523a9bb19c560e8b95ea0daaa048fecfe33103ef9b
892fdb2e5c44c5f901e7afb124ce07e4522e72ac445492eb8e4570e11aa56457
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
93d47d2486d982a0b9ede137439593640ec65dd0d9ce55bb09933e18e9d0b846
972696ea09a3ff62cb3eab62a5ef39be38a86ad35bdf9572a3a197aaee234702
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9e1e1ddd859a7860665bf7a687833e53557d33d86bca76f6af3342cc6304086d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b4ee910c7f1cef91455e785a5c6155576a29beef02e6a35996d3e1c98920941d
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
bedc6cc225844195373911c5d0a2d7175248a110fac9949875e428d3dc6aa4d5
c3662f85134bcc90f554f3ebcbece0418b7a2ecb6b47c12f926e7fe71a88200f
c531422389daf0457a4a12e12bdaeb228a3401328b14eeca62bdf7bdd3a24d85
c71749e09db490f6f98af9c717e225ccd7c29d7bf622a42727646e2e701664e9
ceeafaec5b661006b327b144f97ee753bc301c0e2e62a53323d9d97ac7776bdb
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f47e0378dbabb7c5ee1a9a3674d205eec23b71ea5e8abd9becee46d65f6a47fa
f6fece1b5690d0ab184d4953d782f84b27f3fa5bbb3020cb575f5145770fe91f
fa871df4d3b9f6eb8ec95ff354eea24bbfc58e38cfe53fb150b462b02fc608eb