ihvesticion.website Open in urlscan Pro
2606:4700:3034::ac43:87bf Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ihvesticion.website/ru/new-gaz-prom1/
Submission: On November 23 via manual (November 23rd 2021, 4:15:41 am UTC) from RU — Scanned from DE

Summary HTTP 70 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3034::ac43:87bf, located in United States and belongs to CLOUDFLARENET, US. The main domain is ihvesticion.website.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 7th 2021. Valid for: a year.

This is the only time ihvesticion.website was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3034::ac43:87bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	151.101.128.217 151.101.128.217	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
1	34.117.59.81 34.117.59.81	15169 (GOOGLE) (GOOGLE)
1	151.101.64.217 151.101.64.217	54113 (FASTLY) (FASTLY)
8	34.120.202.204 34.120.202.204	15169 (GOOGLE) (GOOGLE)
11	2a02:26f0:12d... 2a02:26f0:12d::17d9:6a0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	178.21.8.220 178.21.8.220	197695 (AS-REG) (AS-REG)
70	13

27 2606:4700:3034::ac43:87bf (United States)

ASN13335 (CLOUDFLARENET, US)

ihvesticion.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

widget.replain.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.217 (United States)

ASN54113 (FASTLY, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.217 (United States)

ASN54113 (FASTLY, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player-telemetry.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:12d::17d9:6a0a (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

14vod-adaptive.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.21.8.220 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: chat.cetis.ru

app.replain.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ihvesticion.website ihvesticion.website	4 MB
11	akamaized.net 14vod-adaptive.akamaized.net	6 MB
11	vimeocdn.com f.vimeocdn.com i.vimeocdn.com fresnel.vimeocdn.com	220 KB
8	replain.cc widget.replain.cc app.replain.cc	178 KB
4	gstatic.com fonts.gstatic.com	115 KB
4	vimeo.com player.vimeo.com vimeo.com player-telemetry.vimeo.com	14 KB
3	cloudflare.com cdnjs.cloudflare.com	53 KB
1	ipinfo.io ipinfo.io	596 B
1	googleapis.com fonts.googleapis.com	1 KB
70	9

	Domain	Requested by
27	ihvesticion.website	ihvesticion.website
11	14vod-adaptive.akamaized.net	f.vimeocdn.com
6	fresnel.vimeocdn.com	f.vimeocdn.com
5	widget.replain.cc	ihvesticion.website widget.replain.cc
4	fonts.gstatic.com	fonts.googleapis.com
3	app.replain.cc	widget.replain.cc
3	f.vimeocdn.com	player.vimeo.com
3	cdnjs.cloudflare.com	ihvesticion.website
2	player-telemetry.vimeo.com	f.vimeocdn.com
2	i.vimeocdn.com	player.vimeo.com
1	vimeo.com	f.vimeocdn.com
1	ipinfo.io	cdnjs.cloudflare.com
1	player.vimeo.com	ihvesticion.website
1	fonts.googleapis.com	ihvesticion.website
70	14

This site contains links to these domains. Also see Links.

Domain
teleg.run

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-07` - `2022-09-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
widget.replain.cc R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.vimeo.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-15` - `2022-10-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
ipinfo.io GTS CA 1D4	`2021-11-02` - `2022-01-31`	3 months	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2021-10-19` - `2022-01-17`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
webview.replain.cc R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ihvesticion.website/ru/new-gaz-prom1/
Frame ID: DBAEBBD5737C90FB90B77F262456B7B3
Requests: 38 HTTP requests in this frame

Frame: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Frame ID: 9705D8EC0B4166671E2F0CC81DD17373
Requests: 26 HTTP requests in this frame

Frame: https://widget.replain.cc/dist/css/app.32a98d58.css
Frame ID: A516E99EE3386171336CF2BF35980CCC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Газпром

Page Statistics

70
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

10662 kB
Transfer

14142 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://teleg.run/GAZPROM_PLATFORM

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ihvesticion.website/ru/new-gaz-prom1/ 256 KB
80 KB 249ms
198ms Document
text/html 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25 PleskLin
Resource Hash: db9b2d14e60bafc406a0e3754af2f77866831aa065a9436080b6072da1589abe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRWYhl%2FczTyOmGH6h%2B6uMJFgxW%2F3%2BRoazj%2FqoEDrK%2BKrCMYn4uSv5hKaUBg2kO5YEjyHKmvexR%2FWsXJuz7PAWQzi7uOw2GPiWLS2MkakfsUmNxabJf%2FOoVpSB4m3ys%2F3V2JBfuJ30II1lvYCU2ofoK%2FP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b2793cca9333754-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

861eec5a2c54e4128ef5c1d9d25f2e36683aa3ac875adc301fb1004e09a461ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 04:15:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 04:15:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 04:15:36 GMT

GET
H2 200 fonts.css
ihvesticion.website/ru/new-gaz-prom1/css/ 3 KB
1 KB 62ms
61ms Stylesheet
text/css 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/css/fonts.css
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 34e0085962a3a0873142adb02ba47085683478079b48725300ffc97de618011f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:24 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156beec-b58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXWOli0mSeId2A8gBjkNetqlCpdoFzIHEvGxowMnx2GNfu%2B2GQG6kBvR%2B1OgWvXRMKVCcxS7XHjBoo6t%2FyP5ldg60xL%2Fa4zqrSeuqIndjwCdbShm6uk2IxqhMWDiDgZgImC2IpNLoX%2BTdwRfNwdf4Fo%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b2793ce0a5d3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.css
ihvesticion.website/ru/new-gaz-prom1/css/ 827 KB
75 KB 73ms
71ms Stylesheet
text/css 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/css/app.css
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4a42e65c15415955258ce700278583db085c46dfebdc5c1531a8a1cd0ee6a92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:24 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156beec-ceaae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a87UrInpOS%2Fv49nrP2YNWbR84h22djyCFs%2Bwv201GgaKJXMi7Odw0rB8I2Y%2F9BH1PeuAwcLbf2QkFhEy4MiwO%2FdfHjeGvYq8C6wxfy69GQWGYGjSEM7TLmVoHI8aQKkKbR7%2Fol4nY1uT5KivBsyZ8tt3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b2793ce0a5e3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 58ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4704059
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27748
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiDcq0PX7mt7dV6enl9RrG75YXa%2FFof58q1tVJY3oYeslVRaopab1P7Ls6Bhc6oOS9MGKgk%2F4cksrKy8xLQZp4EWOs%2BcXZXF8ka8B2pWpk5nKcybXq3Na84Put12%2FbOv2pf38UTUGt%2FQG2ACltC%2BfuWz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2793ce3ab5f937-MXP
expires: Sun, 13 Nov 2022 04:15:36 GMT

GET
H2 200 inputmask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/inputmask/4.0.9/inputmask/ 81 KB
18 KB 61ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/inputmask/4.0.9/inputmask/inputmask.min.js

Requested by

Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e42a8509b3c4e09c28ff77d43527dd24ab5f2da195da9fdb52fddb44d0f923

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5008179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18465
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea1-143bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h3KX8NIDRGSp%2BBEn1c%2FDgcI9RkizAtpXM0suv7X3fFY1VpwoiCHyOcxBiGiY5yGCUV4jsm9H8aOtDxnPOmPkF1qhJB%2B9ZpPDDOCW6QKVDSF3wCN2vsCxvmKyVtFXLmdi%2F8mpK%2FSWRoQCs8mWEgJAUuP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2793ce3ab7f937-MXP
expires: Sun, 13 Nov 2022 04:15:36 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 67ms
31ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2883330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6970
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40sFDq9BeyVUY2ufJ8nI1S2YgF70fYkvLFjECsn6GOd1BJgQ6CQ%2Fi5Q5LHRiyP3oow0bZy5DbrxYatT0taCuA3lEAqch0gFPQhMK1j%2BjSmeM0Fyhpa7BMPjwk7uREMqo8PoL7adZpCKI9CMDG6HeTHci"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b2793ce3ab8f937-MXP
expires: Sun, 13 Nov 2022 04:15:36 GMT

GET
H2 200 intlTelInput.css
ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/ 26 KB
3 KB 76ms
76ms Stylesheet
text/css 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/intlTelInput.css
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6ee18dded3c049d5c70f54a909e4a97ba1dd718df4e05b4beba7aec802c04b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:48 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156bf04-6777"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G77I9hYyOBhwHzDEDDVRPPn9ICcKh%2F97mVH9hj3sXyQsM%2Fvfna6alALwyKB8SpujrrJ3xvXvmedWurf%2F%2BbikNEiq0JOG9DKrxg2GiDehwQLodtCdIPbML9KlP4%2FthQ%2FlolyMl0IjpBsB6chtQ1ZXxFE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b2793ce0a5f3754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 landing.css
ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/ 1 KB
692 B 68ms
68ms Stylesheet
text/css 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/landing.css
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bf991f2f491a16c0d53e86c0038d279283f671768db0c6f2eb173c846907bc67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:49 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156bf05-467"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N03Wgu8jv3tyWjx7acZIddN6jlnEUWF0JgjIQWK8lgy4TuBel6iFRZAnB2IHVtfr7Tjde%2FyH99WsDJk9%2FsUhduvqXQVK6QXik%2BbDUhLHZ9WQ3%2BKgO8uAoM6N8nPA1Z%2F%2B%2FEEyRu7zqEmrRUNAc%2FIVTHMW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6b2793ce0a603754-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 logo.png
ihvesticion.website/ru/new-gaz-prom1/images/ 6 KB
7 KB 168ms
165ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/logo.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 204c5925a3b34721bd7fb4a6229f111c5dc9d2b364040bd4c7518d35fb143a18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6186
last-modified: Fri, 01 Oct 2021 07:55:31 GMT
server: cloudflare
etag: "6156bef3-182a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkRV1kNnJTZMVq6l%2BYLydfaTJbJIKlr5aYNNTdSKYO%2Bny5kkUr26dOm7%2F2wBAmSxOlpwap%2BLnyOtxamZPlHs9xcYFxdZc2eczPX5JJF9Hhn%2FWrj8etDPNc7EfhPw8t7tVZL2YZDXp%2BZdQRN8O1IeJf9r"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfe459ef-MXP

GET
H3 200 telegram.png
ihvesticion.website/ru/new-gaz-prom1/images/ 21 KB
22 KB 169ms
166ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/telegram.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1bdbb93fd409f529a5c2997a0c6e4358d62fb7b9f6e6e04bc17072af6a2d6464

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21872
last-modified: Fri, 01 Oct 2021 07:55:28 GMT
server: cloudflare
etag: "6156bef0-5570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNr87eu89nIdTucdtrSX5ZO2JfS2CgoSeFeQ39NUtBCixZ%2BtUgbfFAHlfDpjnukAb48Wff9hse%2BrMdnijtbvVVvABlcehzFl8PT8ndqCGjcDpskyX8QTCNveMppvv0%2F9trwpdm0dUy%2FClXs3j6nAt2NI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfe559ef-MXP

GET
H3 200 rus.png
ihvesticion.website/ru/new-gaz-prom1/images/ 11 KB
11 KB 169ms
166ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/rus.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 442f27194f8effaea78707f06f72bb086d8d3e5e23d7c1ac0b363cced422c096

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10850
last-modified: Fri, 01 Oct 2021 07:55:28 GMT
server: cloudflare
etag: "6156bef0-2a62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esYJ51DscQGrfMRioo6EdQGs%2FnDo7blLFJ7el2KydlwMhsX1Pcitzg87WcGvxayIp6blsRxaO3%2Fx4X1rJMJqjHa%2Fg07iCv9AGjbK7W%2Fe2UL%2B%2FcbTY%2FgzR9CQh9HlQ6gdn04VPbS7Vi6KPGMts1nZ2105"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfe659ef-MXP

GET
H3 200 wait.png
ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/ 23 KB
24 KB 169ms
167ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/wait.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 693c199a179a062e13b9211f8afbfc420c1da822d495b19b38cd0528571fa808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23672
last-modified: Fri, 01 Oct 2021 07:55:52 GMT
server: cloudflare
etag: "6156bf08-5c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrkWtCmFzHFmSVLCajuo1O3H%2F5JvIg62Z7uJquDHeM2S3%2FygQRpMXh5JWXGaXfV95sI0YY0Gu7VyxyZoN2A6yt9aPkRAcL1doF154XKTA%2F%2BseHBb32mvZpC41hxrW3fYih5auPiR%2FFXMVHSIFZvPTCPW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfe759ef-MXP

GET
H3 200 success.png
ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/ 9 KB
10 KB 170ms
168ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/success.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 43d7977e40842a30573239834df28dcd59fd7f8f95ab44a48e9fd5d008e99f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9352
last-modified: Fri, 01 Oct 2021 07:55:51 GMT
server: cloudflare
etag: "6156bf07-2488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbj9yCJYZFBSmAvpLvW%2B3Qfdif43lqt2I99DgsBHJlEdiJ5SyK75PjMMCllNEBEYs%2FWzoNGzIlFLGooeVJwtDeaSH51WR2cGphvpQYK6mSyS%2FvzGEp6IauRUasYJ%2BixtYfiQfwBUb4%2BDnf9XfNDNEAJe"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfe959ef-MXP

GET
H3 200 oil.png
ihvesticion.website/ru/new-gaz-prom1/images/ 119 KB
119 KB 171ms
168ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/oil.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 820cad38671093cfbf4f94be9b63882de3474acd4c17b6c6ceaf4ede7266702f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 121650
last-modified: Fri, 01 Oct 2021 07:55:28 GMT
server: cloudflare
etag: "6156bef0-1db32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tKsEgg%2FejCZIVAKSP%2Bk31p89Hosmfi4ASuCApYP9Vjpc5WxbS%2BLB4doe0IcQpa2B%2BUsC3a3e0%2Fz4Tz1EqNiniz2OoHnLxmJZWGfnzjJCJFXSBiqhBdnE6YnFjS%2FctyGc3Wen8n386lGDQ4%2BXzlkggzf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfea59ef-MXP

GET
H3 200 worker.png
ihvesticion.website/ru/new-gaz-prom1/images/ 585 KB
586 KB 180ms
178ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/worker.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 58fcb2b65fa8c79d26f9c3562c1a6b3eb95e446e9c681794a9be1473eefc6ae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 598830
last-modified: Fri, 01 Oct 2021 07:55:30 GMT
server: cloudflare
etag: "6156bef2-9232e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0g%2FzHGYT7J1tN%2BpV9o5RLv%2Byl9IBbSU8Kwhn2XpJvg34CcUiSr8IumzUYTuFb3IoV54SzsGq%2FGYM2oZPato5LAW%2BujVgK5MA1%2BRWuGvIQQeL4rj7LiRaPALqSGn5g1KCGAy5ucZjEldHnLOOmENhV8Or"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfeb59ef-MXP

GET
H3 200 man.png
ihvesticion.website/ru/new-gaz-prom1/images/ 1 MB
1 MB 203ms
201ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/man.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 03ce25dae1e8cd911d23ed53edb099e6babbf3004cc2ababd669f0e15a7d7c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1427605
last-modified: Fri, 01 Oct 2021 07:55:29 GMT
server: cloudflare
etag: "6156bef1-15c895"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtfaT8EfmIt%2FzmJ2tgGGMC2o8gxfl91sg69teXTI4mpeDJfFv1KV7D0tG8idaT%2BdZog5As%2Ffmi7fpuyxRqRUTNqEBxFahWoH9ogpxH5J9z4e0f1aTocQ3HvjMrNF1rMhjS2vtYxF7HdMqUWVwQoUmmap"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfed59ef-MXP

GET
H3 200 1.png
ihvesticion.website/ru/new-gaz-prom1/images/ 147 KB
148 KB 231ms
229ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/1.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 836376288631b7cc7c95b5d8e28a85e4f7a3dd7f18d51c57dc24abdfe343ced9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 150410
last-modified: Fri, 01 Oct 2021 07:55:33 GMT
server: cloudflare
etag: "6156bef5-24b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjugeNmG%2BZD0%2BTp5pZN9%2BRCtJ4KBsRkOmaxaL%2FSsMULLZvWRFVE%2BS8YhJMeMuQb9N4lqLoFyH5YRtpTgDfB4uScDYPoju%2Bxg0IMcM1Y8Jy0wjYLlXq9ICzqUijol4Nm%2BpJRIuT%2B0K5dRg8rhs%2BG%2FvEB1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfee59ef-MXP

GET
H3 200 2.png
ihvesticion.website/ru/new-gaz-prom1/images/ 236 KB
236 KB 233ms
231ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/2.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 27a6589f2f5a9a557e2f6ce47b70a60047580b4e83486a674480a237acaac889

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 241357
last-modified: Fri, 01 Oct 2021 07:55:32 GMT
server: cloudflare
etag: "6156bef4-3aecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4FkuaHX5%2BN0qDj4Lk8iwlYWMlxvABsIKQn6ToRYYyS%2BPlyE4o34duF2TjbDE%2BKhu7bVBXVBkAKfHm%2B7CGandzJDEFimM%2B7KjSbrIax7EmIH4rTNMzhe0AA5xjRGltLg2OWgQCKHD0GXOede6ch6GaZz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebfef59ef-MXP

GET
H3 200 3.png
ihvesticion.website/ru/new-gaz-prom1/images/ 312 KB
313 KB 235ms
233ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/3.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 259233edf718167c04cd2bb7a28fc939d7518122cfe6cb9b21032e443a5df7b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 319872
last-modified: Fri, 01 Oct 2021 07:55:32 GMT
server: cloudflare
etag: "6156bef4-4e180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gu0rPyL%2BraYx3onfLMlvCaecFiRvn04a27wCbeyHLRI%2FzdSCjeBmHOiijB3%2BGAED9%2FNUOpRULUVQZTTYhyMsD097xjxKJWyqJ3g8us%2FO%2BD9Bx%2BGxv3qnSrOBF7oR%2FI6wCI9xSHs2iLS4tZT4UaaHEn51"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebff059ef-MXP

GET
H3 200 4.png
ihvesticion.website/ru/new-gaz-prom1/images/ 214 KB
215 KB 239ms
237ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/4.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5727d969b841b31fe90892172858a599802a618dd1cc2902b36e644670682402

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 219170
last-modified: Fri, 01 Oct 2021 07:55:31 GMT
server: cloudflare
etag: "6156bef3-35822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzSFqdQvdTpOSXsSsWbg5PESfc7zlSHivYRgc7DFElhwh%2Fk0ia0lGsam2cSZmbwdpnh9zLyvIv7jiaWvf9QnEXjVobUXU%2FlaWogYWfWToHCyiMFqErWx3SoOOwZhtSiASJLJA9pkzSXBAwWUcwilu5Bu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebff459ef-MXP

GET
H3 200 5.png
ihvesticion.website/ru/new-gaz-prom1/images/ 270 KB
271 KB 241ms
240ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/images/5.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 13eff517c5bacfb8904ca69dc6254c6860136d85ba430694aa30608700d58537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 276756
last-modified: Fri, 01 Oct 2021 07:55:31 GMT
server: cloudflare
etag: "6156bef3-43914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVgjeYpLFMfvDyjcazKZXg8MOi8YskJSl4Id8qgmhUsTXGhRdH7Rh6X2o28nWPQdvdqLR9Qwzwh1rfWlJ8iwqqZg7kMRR2Uohl0CPjnfK8ejbm5tKBknog2GjFy7CX5b8mZ02kYCDaABSP%2Bohb5S3rJ5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793cebff659ef-MXP

GET
H3 200 app.js Show response
ihvesticion.website/ru/new-gaz-prom1/js/ 2 MB
367 KB 116ms
115ms Script
application/javascript 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/js/app.js
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: de4274ba1fc3d426b74c3703145160b38bf8489666c99b1c02d979cca712ac6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:33 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156bef5-183f59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRz3WxUuco87SrYZ0RMq66PLj1lR8EltRCnfJOsbNyssJAQnMcxnWBsKhWZrmlb51HryS1mE6v0b4RLuFSMd1Mb%2BfcyEFBOnGp05j6K4FoR4P2SvxpOkvn%2FoeDtuww4UCoSF2N%2F73LNqEQ3nCwmWSrUJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b2793ce8faa59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 intlTelInput.js Show response
ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/ 89 KB
21 KB 84ms
84ms Script
application/javascript 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/intlTelInput.js
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eeaae984e35cea0766b14d58b0e0772bb2f9887b1043b53f6b51a6867b5809ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 15:40:04 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"618a9654-16248"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAezq%2FHYasMo1ksUjb%2BcLR82Z%2FPBYiw5vSOjdCbT4CadJDXhEY0pTajtjmlIcLEz%2FFjW88UF0suT65q6v766v2OeJ1LcEVLPpLI04LgxqLnlgUjuyR%2BScL2Q1PR%2BaBf0aqLA6SMdElBTr8liez0%2FPxpg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b2793ce9fcb59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 form.js Show response
ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/ 5 KB
2 KB 168ms
165ms Script
application/javascript 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/form.js
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 287fd9de0d484370c2ecede35fca01655545d020f5865bb81ee692883a459415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 15:40:03 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"618a9653-1453"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUF20w4hUDs%2FIhAUtFYdI4lRAuF6IW%2FZdOiqmqEZwlFEG6R09FmhLMq1ruc9hEmuFg3ADZppkYCYwoxNWQr6F6T%2BP6XCwTkzZK%2BRk8IEp7TMu5L%2BIhVeghbCDfCUyJoEN7UiN%2BiZzQF7F1gXxvNGDnMk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b2793cebfe159ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 client.js Show response
widget.replain.cc/dist/ 3 KB
2 KB 92ms
21ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.replain.cc/dist/client.js
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 33164995ed36ec5d07e9a3054eb2e8cbb576737380e0d9d876cf050c1a58a443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Tue, 23 Nov 2021 04:15:36 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 04:58:33 GMT
server: nginx
etag: W/"618ca2f9-d34"
x-cached-since: 2021-11-23T03:18:36+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
expires: Sat, 27 Nov 2021 04:15:36 GMT

GET
H/1.1 200
OK 559848413 Show response
player.vimeo.com/video/ Frame 9705 14 KB
14 KB 157ms
118ms Document
text/html 151.101.128.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1

Requested by

Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8f8bb7a27dd1e8267be407b3ec59288097bd62bc5879332c358a41785132ccdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/

Response headers

Connection: keep-alive
Content-Length: 10439
Server: nginx
Content-Type: text/html; charset=UTF-8
X-Xss-Protection: 1; mode=block
Content-Security-Policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires: Tue, 23 Nov 2021 04:18:13 GMT
Via: 1.1 varnish, 1.1 varnish
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache: 1
X-VServer: infra-playproxy-b-1
X-Vimeo-DC: ge
Accept-Ranges: bytes
Date: Tue, 23 Nov 2021 04:15:36 GMT
Age: 0
X-Served-By: cache-hhn4046-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1637640937.785283,VS0,VE112
Vary: Accept-Encoding
X-Player-Backend: p

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ihvesticion.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 311014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:52:02 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 40ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ihvesticion.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 14:26:25 GMT
x-content-type-options: nosniff
age: 568151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 14:26:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 24 KB
24 KB 45ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ihvesticion.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:30:03 GMT
x-content-type-options: nosniff
age: 312333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:30:03 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v15/ 18 KB
18 KB 38ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b18e9aef52e9405612bd233a8053fd0ddf9f9ce93114050fe5679dd139b1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ihvesticion.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 02:50:14 GMT
x-content-type-options: nosniff
age: 523522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18160
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 17 Nov 2022 02:50:14 GMT

GET
H2 200 player.de-DE.js Show response
f.vimeocdn.com/p/3.46.0/js/ Frame 9705 682 KB
160 KB 40ms
8ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a86cf28ce8ec2b4c9354709be1a2a7dca13e8a694a21c628362bc695862eadb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 381873
x-guploader-uploadid: ADPycdtux1zROgcaW_plrl0H4SI0jOIrTJxraUdygACSruupsT7divizfIaiztVI1lnC0ih6nlrtThbJqmRTcKsG5V4
x-cache: MISS, HIT
content-encoding: br
content-length: 163924
x-served-by: cache-bwi5182-BWI, cache-hhn4029-HHN
last-modified: Thu, 18 Nov 2021 18:02:22 GMT
server: UploadServer
x-timer: S1637640937.043968,VS0,VE0
etag: "994938d7d3ec4fd309b1cdf45d94f959"
vary: Accept-Encoding,x-http-method-override
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 4035

GET
H2 200 player.css
f.vimeocdn.com/p/3.46.0/css/ Frame 9705 195 KB
19 KB 39ms
6ms Stylesheet
text/css 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/3.46.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: df28fccbafb244dd6825a3eb86ec470c874a19fa978031c470f2280a5a319a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 381873
x-guploader-uploadid: ADPycduhx01JBKaRR6hdfLeWmsglTRqnyss_e388w5HreX3J9zuyPnOARdJCkecjW30qjJsnh6RxeY2jLnc_sr4kFwYLdPUIpg
x-cache: MISS, HIT
content-encoding: br
content-length: 19236
x-served-by: cache-bwi5128-BWI, cache-hhn4029-HHN
last-modified: Thu, 18 Nov 2021 18:02:22 GMT
server: UploadServer
x-timer: S1637640937.043906,VS0,VE0
etag: "4d1acc56d3e4ce8c3dd5b7b01300b9da"
vary: Accept-Encoding,x-http-method-override
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-cache-hits: 0, 421072

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 9705 3 KB
1 KB 36ms
7ms Script
text/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: gzip
age: 4655625
x-cache: HIT, HIT
content-length: 1238
x-served-by: cache-bwi5125-BWI, cache-hhn4029-HHN
last-modified: Thu, 30 Sep 2021 05:42:18 GMT
server: Apache
cache-control: max-age=315360000
x-timer: S1637640937.044004,VS0,VE0
etag: "a68-5cd2fe8e48280-gzip"
vary: Accept-Encoding,x-http-method-override
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
expires: Sun, 28 Sep 2031 07:01:52 GMT
x-vimeo-dc: ge
x-bapp-server: assets-v3244-jqhzs
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 1074527

GET
H2 200 / Show response
ipinfo.io/ 616 B
596 B 142ms
123ms Script
text/javascript 34.117.59.81
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?callback=jQuery341031203047753433144_1637640936734&_=1637640936735

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

eaba4b4abd328e741b5f29285b8f02aa23e898ce682a087ae06b8fa9ae74d4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 google
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-content-type-options: nosniff
alt-svc: clear
x-xss-protection: 1; mode=block

GET
H3 200 flags.png
ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/ 69 KB
70 KB 40ms
40ms Image
image/png 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/img/flags.png
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/intlTelInput.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70857
last-modified: Fri, 01 Oct 2021 07:55:52 GMT
server: cloudflare
etag: "6156bf08-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSMA%2FvUrqsZhF%2BdYpeyJpEDV%2FDHszwyU8%2FioOgBahjxvgt9KJ%2BwmF8Uv5h29Fpb6G1PCK%2Fw4YYDdJ5yb2UUM06x8p5VqRbNHnQMRO%2FseOoo5DCaesTKPO0NM5FD9NoITJ9b5nRCUJbj%2BTLe5PHMaVlYR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b2793d069e859ef-MXP

GET
H3 404 prev.png
ihvesticion.website/images/vendor/lightbox2/dist/ 808 B
808 B 64ms
63ms Image
text/html 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/images/vendor/lightbox2/dist/prev.png?84b76dee6b27b795e89e3649078a11c2
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Jun 2021 09:33:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9E7ZpwgySnRZL5Vt5Z3Zl0pgFssaSszC%2Bh8uu15oReYo9XOLyOGHlJHWnCzg0U69%2BhQEPN5bGumiQ0LUR%2FDXNvDN9sG%2F7ZHdjrzZRsnv%2FwIze3W56EQu9c%2FOC4VeqmcHWJ%2FPGzqb4A7RK5tsORYM%2FWd"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b2793d069ee59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 next.png
ihvesticion.website/images/vendor/lightbox2/dist/ 808 B
808 B 39ms
38ms Image
text/html 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/images/vendor/lightbox2/dist/next.png?31f15875975aab69085470aabbfec802
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Jun 2021 09:33:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i1WefIpqzD01iuXEn5UzlkEFj%2FWl8pefyWHCFLMbPMyi7bnl6Z7FQtZ3bB4x9eggtfPZ8WUufaRrSEsb9pXQ6UXnEIoKkqh3Bib22zSp7MU0Q42iYJg3Id0Nvv9wU2eOyZfHtMqs9AOlyY9UlcKF%2Bik"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b2793d069ef59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 loading.gif
ihvesticion.website/images/vendor/lightbox2/dist/ 808 B
808 B 62ms
62ms Image
text/html 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/images/vendor/lightbox2/dist/loading.gif?2299ad0b3f63413f026dfec20c205b8f
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Jun 2021 09:33:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0Rq3P8TkQIb7afYmJLO0n1PrafcXlsEvwecOEX6z0Xa7mvPBvVL9KA1Mj%2FnPVk5CbINwCkJfFFJBIy45Wp1SqqC9I411G3WiYCChg7Fj0K4E3yln1SO1XhUZ%2BHjREXUCZpoOubj%2FGCQt%2BqnpYTrupQL"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b2793d069f059ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 404 close.png
ihvesticion.website/images/vendor/lightbox2/dist/ 808 B
808 B 66ms
66ms Image
text/html 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ihvesticion.website/images/vendor/lightbox2/dist/close.png?d9d2d0b1308cb694aa8116915592e2a9
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 09 Jun 2021 09:33:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F9vco1a%2Fyb5ehO0YbcOk7XF1LoOr3Jc9HZWvR6tcwGYLYPhKn5P76cwtoRfSlE9Q6GhnImFAjKm3oYJAHm5GG0hKd8NP2DPoPQpwZ74p1yGqXGentL2YXIlO60BbhIj1m4GQUama%2Brns7OlFIvZaUG5"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b2793d069f459ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 9705 0
790 B 149ms
126ms Ping
text/plain 151.101.64.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=30c2b326afb06d859413b061e385bf9b631f71661637640936

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 varnish, 1.1 varnish
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Served-By: cache-bwi5128-BWI, cache-hhn4033-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1637640937.095609,VS0,VE119
X-Frame-Options: sameorigin
Date: Tue, 23 Nov 2021 04:15:37 GMT
Vary: User-Agent
Expires: Mon, 22 Nov 2021 16:15:37 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server: pweb-v17599-m9gv4
X-UA-Compatible: IE=edge
Accept-Ranges: bytes
X-Cache-Hits: 0, 0

GET
H2 200 52609642_60x60.jpg
i.vimeocdn.com/portrait/ Frame 9705 853 B
1 KB 15ms
7ms Image
image/jpeg 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/portrait/52609642_60x60.jpg
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 148398c1a4b86774a48fbe1ab132c2a5d5e2bdd2cdeb69a36946c015c759daf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 409251
x-viewmaster-lossless-format: false
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 853
viewmaster-server: viewmaster-us-central1-rcn7
x-served-by: cache-dfw18647-DFW, cache-hhn4029-HHN
x-timer: S1637640937.124977,VS0,VE1
etag: debdf957d2e31087a80cfe64e114560c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1, 1

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 9705 0
40 B 126ms
109ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 1157333681-a556ee945bfd6ccf8832dd6826716ac02198c070e0f9ea9fceb88edba6b6c444-d
i.vimeocdn.com/video/ Frame 9705 37 KB
37 KB 8ms
8ms Image
image/avif 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1157333681-a556ee945bfd6ccf8832dd6826716ac02198c070e0f9ea9fceb88edba6b6c444-d?mw=900&mh=506
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/559848413?autoplay=1&loop=1&autopause=0&muted=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1b2e42e167552df590b3c47aeeee3847cf7670534bb28850aa5bc1c9d8f23b42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 2227306
x-viewmaster-lossless-format: false
x-cache: miss, MISS, HIT
x-backend-server: varnish
content-length: 38083
viewmaster-server: viewmaster-us-central1-w716
x-served-by: cache-dfw18678-DFW, cache-hhn4029-HHN
x-timer: S1637640937.140802,VS0,VE1
etag: b3c50b156c021f53695b11c59a4d80ed
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 0, 1

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9705 0
110 B 116ms
105ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=30c2b326afb06d859413b061e385bf9b631f71661637640936
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9705 0
40 B 108ms
107ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=30c2b326afb06d859413b061e385bf9b631f71661637640936
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 play
player-telemetry.vimeo.com/player-events/log/ Frame 9705 0
60 B 110ms
104ms Ping
text/html 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/play
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK master.json Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 24 KB
9 KB 165ms
67ms XHR
application/json 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/sep/video/fae8df27,99d8a119,0d3283df,f0011a31/audio/25d2e2ee,5bbd7790/master.json?query_string_ranges=1&base64_init=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 820c14346563af70c4c44659096f5cc4940a82d1015fa13dd8bb3b3f69364798

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
origin-retrieved-hour: 1637265600
timing-allow-origin: *
Connection: keep-alive
Content-Length: 8375
AK-REFERENCE-ID: 0.66ad917.1637640937.68e0214
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2217433
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H2 200 app.32a98d58.css
widget.replain.cc/dist/css/ Frame A516 44 KB
10 KB 42ms
41ms Stylesheet
text/css 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.replain.cc/dist/css/app.32a98d58.css
Requested by: Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c50cfa94dc6c0728d629073b35fc4bb3189a1379be8ca0a7dff826a3b44df1d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 05:02:40 GMT
server: nginx
etag: W/"616e5170-af73"
x-cached-since: 2021-10-19T06:35:08+00:00
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
x-id: fr5-up-gc34
expires: Sat, 27 Nov 2021 04:15:37 GMT

GET
H2 200 app.30c9fc6e.js Show response
widget.replain.cc/dist/js/ Frame A516 326 KB
120 KB 21ms
21ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.replain.cc/dist/js/app.30c9fc6e.js
Requested by: Host: widget.replain.cc
URL: https://widget.replain.cc/dist/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 352d848ea634a23adb1a3f08b41fd24a7cd547ad3449c25d32d55ca1636b19af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 04:57:55 GMT
server: nginx
etag: W/"618ca2d3-5189f"
x-cached-since: 2021-11-11T05:02:55+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
x-id: fr5-up-gc34
expires: Sat, 27 Nov 2021 04:15:37 GMT

GET
H3 200 utils.js Show response
ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/ 244 KB
58 KB 95ms
95ms Script
application/javascript 2606:4700:3034::ac43:87bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/utils.js
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/assets/landing/js/intlTelInput.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:87bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e35694e1ea4c6cd874243c3640f05fa9d0bf2bbcc1485f3fa3f2bdc912c52321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/ru/new-gaz-prom1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 07:55:50 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"6156bf06-3d1f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhQPLrFOKKrBBTGMF%2BIgg5gwY9mDQaULCu75yrSscC2kNGRYyzqdpNTowX4iPDi%2BjQQHUuevd%2BqymKL2mkod%2Bqa6gQpZSrYlhJLVDwlF%2BwVtTpVvb%2FJUMJfJZk%2FM9tc608mw9KQBn1%2BS5QOa7Kee8h3p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6b2793d19b5d59ef-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H/1.1 200
OK auth
app.replain.cc/ Frame 0
0 234ms
84ms Preflight
text/plain 178.21.8.220
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://app.replain.cc/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

chat.cetis.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ihvesticion.website
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 23 Nov 2021 04:16:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block 1; mode=block
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://ihvesticion.website
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Allow-Methods: OPTIONS,GET,POST,PUT,DELETE
Access-Control-Allow-Credentials: true
Allow: POST

POST
H/1.1 200
OK auth Show response
app.replain.cc/ Frame A516 320 B
950 B 69ms
69ms XHR
application/json 178.21.8.220
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL

https://app.replain.cc/auth

Requested by

Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/app.30c9fc6e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),

Reverse DNS

chat.cetis.ru

Software

nginx /

Resource Hash

8fbf7125a5dfcd49bb7c7c7dea6222a1163a7cef5007a22c23c2521bcd994a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://ihvesticion.website/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 23 Nov 2021 04:16:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block, 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=15552000; includeSubDomains
Access-Control-Allow-Methods: OPTIONS,GET,POST,PUT,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type

GET
H2 206 notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame A516 24 KB
24 KB 20ms
20ms Media
audio/mpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.replain.cc/dist/media/notification.ac905963.mp3
Requested by: Host: ihvesticion.website
URL: https://ihvesticion.website/ru/new-gaz-prom1/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e

Request headers

Referer: https://ihvesticion.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Tue, 23 Nov 2021 04:15:37 GMT
last-modified: Tue, 19 Oct 2021 05:02:40 GMT
server: nginx
access-control-allow-origin: *
etag: "616e5170-6053"
x-cached-since: 2021-10-19T06:35:08+00:00
content-type: audio/mpeg
Content-Range: bytes 0-24658/24659
cache-control: max-age=345600
cache: HIT
x-id: fr5-up-gc34
Content-Length: 24659
expires: Sat, 27 Nov 2021 04:15:37 GMT

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9705 0
40 B 124ms
124ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=30c2b326afb06d859413b061e385bf9b631f71661637640936
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK 5bbd7790.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 49 KB
50 KB 46ms
46ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/audio/5bbd7790.mp4?range=1155-50909
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: e07503fbfe0432dee49b8ba31ccb4304840531fc23e1980f2ba996eea35565f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:37 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 49755
AK-REFERENCE-ID: 0.66ad917.1637640937.68e021b
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:11 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2001741
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 08:17:58 GMT

GET
H/1.1 200
OK 99d8a119.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 219 KB
220 KB 46ms
45ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/video/99d8a119.mp4?range=1154-225379
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 31a94b0e83a75e96f46648abb115d6f6e0195e66c969ee492704e0444f92056f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:37 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 224226
AK-REFERENCE-ID: 0.66ad917.1637640937.68e021d
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:41 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=2000599
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 07:58:56 GMT

GET
H/1.1 200
OK 25d2e2ee.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 72 KB
73 KB 48ms
48ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/audio/25d2e2ee.mp4?range=1155-75051
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 19c938cc8e3632bce689134c0eeadf76127d30f201ee7576a7abd5d0632a9bf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:37 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 73897
AK-REFERENCE-ID: 0.66ad917.1637640937.68e0222
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:07 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=1999707
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 07:44:04 GMT

GET
H/1.1 200
OK segment-1.m4s Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 858 KB
859 KB 49ms
49ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/sep/video/f0011a31/chop/segment-1.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ac2d98721357c2a7df20ca593d6fbf0b4d824d25353ac9b659f30c7993a5b901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:37 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
using-starlord: true
origin-retrieved-hour: 1637049600
Connection: keep-alive
Content-Length: 878954
AK-REFERENCE-ID: 0.66ad917.1637640937.68e0226
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2000766
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9705 0
40 B 105ms
105ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=30c2b326afb06d859413b061e385bf9b631f71661637640936
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 lang-en-json.028565e5.js Show response
widget.replain.cc/dist/js/ Frame A516 3 KB
2 KB 20ms
19ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.replain.cc/dist/js/lang-en-json.028565e5.js
Requested by: Host: widget.replain.cc
URL: https://widget.replain.cc/dist/js/app.30c9fc6e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f1089c1ea202e6e874ec81064f0c861e25430fb40f2628bbefd961275a6fa16c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 23 Nov 2021 04:15:37 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 04:51:32 GMT
server: nginx
etag: W/"617a2c54-bda"
x-cached-since: 2021-10-28T05:19:18+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
x-id: fr5-up-gc34
expires: Sat, 27 Nov 2021 04:15:37 GMT

POST
H2 200 partial
player-telemetry.vimeo.com/player-events/log/ Frame 9705 0
41 B 104ms
104ms Ping
text/html 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://player-telemetry.vimeo.com/player-events/log/partial
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
content-type: text/html; charset=UTF-8

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 9705 0
40 B 106ms
105ms Ping
text/plain 34.120.202.204
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=30c2b326afb06d859413b061e385bf9b631f71661637640936
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Tue, 23 Nov 2021 04:15:37 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK logo-default.png
app.replain.cc/ Frame A516 20 KB
20 KB 273ms
135ms Image
image/png 178.21.8.220
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.replain.cc/logo-default.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.21.8.220 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: chat.cetis.ru
Software: nginx /
Resource Hash: 4e873726d9fb941ec46569ec0a685950f9f954e5c9c00389142d8c35a9584ebe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ihvesticion.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: public
Date: Tue, 23 Nov 2021 04:16:47 GMT
Last-Modified: Thu, 11 Nov 2021 04:45:06 GMT
Server: nginx
ETag: "618c9fd2-4fd9"
Content-Type: image/png
Cache-Control: max-age=31536000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20441
Expires: Wed, 23 Nov 2022 04:16:47 GMT

GET
H/1.1 200
OK 25d2e2ee.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 72 KB
73 KB 44ms
44ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/audio/25d2e2ee.mp4?range=75052-148565
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 89e7479f8da8b33417a435b7525e979a8e91cd06fe5ab132e11be3b4753f6bc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:38 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 73514
AK-REFERENCE-ID: 0.66ad917.1637640938.68e022c
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:07 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=1999927
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 07:47:45 GMT

GET
H/1.1 200
OK segment-2.m4s Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 2 MB
2 MB 504ms
503ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/sep/video/f0011a31/chop/segment-2.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 599b4b89bd97203610c694975f8dc621198046aee9ad813b0882261da59327b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:39 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
using-starlord: true
origin-retrieved-hour: 1637049600
Connection: keep-alive
Content-Length: 2098593
AK-REFERENCE-ID: 0.66ad917.1637640939.68e0245
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2001702
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK 25d2e2ee.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 72 KB
73 KB 69ms
69ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/audio/25d2e2ee.mp4?range=148566-222211
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: 97de75d97433e5b9532c387ae99d1ca2be5e67b18ecdae541165a15d5810998d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:40 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 73646
AK-REFERENCE-ID: 0.66ad917.1637640940.68e028d
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:07 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=1999548
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 07:41:28 GMT

GET
H/1.1 200
OK segment-3.m4s Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 2 MB
2 MB 46ms
46ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/sep/video/f0011a31/chop/segment-3.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 80d593191e76ccc74eae926e6c62c697c67998bd0ec0ce2a79913c03fe7b69f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:40 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
using-starlord: true
origin-retrieved-hour: 1637049600
Connection: keep-alive
Content-Length: 1623682
AK-REFERENCE-ID: 0.66ad917.1637640940.68e028f
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2001023
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

GET
H/1.1 200
OK 25d2e2ee.mp4 Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 72 KB
73 KB 44ms
44ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/parcel/audio/25d2e2ee.mp4?range=222212-295823
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: parcel /
Resource Hash: f654af26f1da85e5db59410ba75fbfcd77027c6e1b890a0e921acec6f185b4c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:40 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Origin-Retrieved-Hour: 1623049200
Connection: keep-alive
Content-Length: 73612
AK-REFERENCE-ID: 0.66ad917.1637640940.68e0294
Akamai-Mon-Iucid-Del: 877678
Last-Modified: Mon, 07 Jun 2021 07:37:07 GMT
Server: parcel
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: private, max-age=1999662
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent
Expires: Thu, 16 Dec 2021 07:43:22 GMT

GET
H/1.1 200
OK segment-4.m4s Show response
14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a42685003... Frame 9705 976 KB
977 KB 51ms
51ms XHR
video/mp4 2a02:26f0:12d::17d9:6a0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://14vod-adaptive.akamaized.net/exp=1637644836~acl=%2F83050d48-8e13-45b3-84f3-a426850033ed%2F%2A~hmac=97356388f621c4ac5a399603251de39af14229098667581749f1008ff2140615/83050d48-8e13-45b3-84f3-a426850033ed/sep/video/f0011a31/chop/segment-4.m4s
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.46.0/js/player.de-DE.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:12d::17d9:6a0a Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3de888a37e1533e173ef6c24c3719c44ce79a15cbea0af670a5b7ef28a3a9068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 04:15:40 GMT
Content-Type: video/mp4
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
using-starlord: true
origin-retrieved-hour: 1637049600
Connection: keep-alive
Content-Length: 999432
AK-REFERENCE-ID: 0.66ad917.1637640940.68e029a
Akamai-Mon-Iucid-Del: 877678
Access-Control-Max-Age: 86400
Aka-c-hit: cache-hit
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control: max-age=2000847
Akamai-Edge-IP: 2a02:26f0:12d::17d9:6a0a
timing-allow-origin: *
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ihvesticion.website/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8fbg2dan84jqvemu173otkspfs
.vimeo.com/	1970-01-20 16:25:12	Name: vuid Value: pl70498416.1078725490
.vimeo.com/	1970-01-20 07:39:36	Name: player Value: ""

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ihvesticion.website/images/vendor/lightbox2/dist/next.png?31f15875975aab69085470aabbfec802 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ihvesticion.website/images/vendor/lightbox2/dist/loading.gif?2299ad0b3f63413f026dfec20c205b8f Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ihvesticion.website/images/vendor/lightbox2/dist/prev.png?84b76dee6b27b795e89e3649078a11c2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ihvesticion.website/images/vendor/lightbox2/dist/close.png?d9d2d0b1308cb694aa8116915592e2a9 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14vod-adaptive.akamaized.net
app.replain.cc
cdnjs.cloudflare.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
ihvesticion.website
ipinfo.io
player-telemetry.vimeo.com
player.vimeo.com
vimeo.com
widget.replain.cc
151.101.114.109
151.101.128.217
151.101.64.217
178.21.8.220
2606:4700:3034::ac43:87bf
2606:4700::6810:125e
2a00:1450:4001:810::200a
2a00:1450:4001:82b::2003
2a02:26f0:12d::17d9:6a0a
2a03:90c0:41:2801::254
34.117.59.81
34.120.202.204
03ce25dae1e8cd911d23ed53edb099e6babbf3004cc2ababd669f0e15a7d7c20
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
13eff517c5bacfb8904ca69dc6254c6860136d85ba430694aa30608700d58537
148398c1a4b86774a48fbe1ab132c2a5d5e2bdd2cdeb69a36946c015c759daf3
19c938cc8e3632bce689134c0eeadf76127d30f201ee7576a7abd5d0632a9bf2
1b2e42e167552df590b3c47aeeee3847cf7670534bb28850aa5bc1c9d8f23b42
1bdbb93fd409f529a5c2997a0c6e4358d62fb7b9f6e6e04bc17072af6a2d6464
204c5925a3b34721bd7fb4a6229f111c5dc9d2b364040bd4c7518d35fb143a18
259233edf718167c04cd2bb7a28fc939d7518122cfe6cb9b21032e443a5df7b0
27a6589f2f5a9a557e2f6ce47b70a60047580b4e83486a674480a237acaac889
287fd9de0d484370c2ecede35fca01655545d020f5865bb81ee692883a459415
31a94b0e83a75e96f46648abb115d6f6e0195e66c969ee492704e0444f92056f
33164995ed36ec5d07e9a3054eb2e8cbb576737380e0d9d876cf050c1a58a443
34e0085962a3a0873142adb02ba47085683478079b48725300ffc97de618011f
352d848ea634a23adb1a3f08b41fd24a7cd547ad3449c25d32d55ca1636b19af
39e42a8509b3c4e09c28ff77d43527dd24ab5f2da195da9fdb52fddb44d0f923
3de888a37e1533e173ef6c24c3719c44ce79a15cbea0af670a5b7ef28a3a9068
43d7977e40842a30573239834df28dcd59fd7f8f95ab44a48e9fd5d008e99f54
442f27194f8effaea78707f06f72bb086d8d3e5e23d7c1ac0b363cced422c096
4a42e65c15415955258ce700278583db085c46dfebdc5c1531a8a1cd0ee6a92e
4e873726d9fb941ec46569ec0a685950f9f954e5c9c00389142d8c35a9584ebe
5727d969b841b31fe90892172858a599802a618dd1cc2902b36e644670682402
58fcb2b65fa8c79d26f9c3562c1a6b3eb95e446e9c681794a9be1473eefc6ae8
599b4b89bd97203610c694975f8dc621198046aee9ad813b0882261da59327b7
693c199a179a062e13b9211f8afbfc420c1da822d495b19b38cd0528571fa808
6a86cf28ce8ec2b4c9354709be1a2a7dca13e8a694a21c628362bc695862eadb
6ee18dded3c049d5c70f54a909e4a97ba1dd718df4e05b4beba7aec802c04b6e
80d593191e76ccc74eae926e6c62c697c67998bd0ec0ce2a79913c03fe7b69f3
820c14346563af70c4c44659096f5cc4940a82d1015fa13dd8bb3b3f69364798
820cad38671093cfbf4f94be9b63882de3474acd4c17b6c6ceaf4ede7266702f
836376288631b7cc7c95b5d8e28a85e4f7a3dd7f18d51c57dc24abdfe343ced9
861eec5a2c54e4128ef5c1d9d25f2e36683aa3ac875adc301fb1004e09a461ab
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89e7479f8da8b33417a435b7525e979a8e91cd06fe5ab132e11be3b4753f6bc7
8f8bb7a27dd1e8267be407b3ec59288097bd62bc5879332c358a41785132ccdf
8fbf7125a5dfcd49bb7c7c7dea6222a1163a7cef5007a22c23c2521bcd994a1e
97de75d97433e5b9532c387ae99d1ca2be5e67b18ecdae541165a15d5810998d
ac2d98721357c2a7df20ca593d6fbf0b4d824d25353ac9b659f30c7993a5b901
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bf991f2f491a16c0d53e86c0038d279283f671768db0c6f2eb173c846907bc67
c50cfa94dc6c0728d629073b35fc4bb3189a1379be8ca0a7dff826a3b44df1d2
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
db9b2d14e60bafc406a0e3754af2f77866831aa065a9436080b6072da1589abe
de4274ba1fc3d426b74c3703145160b38bf8489666c99b1c02d979cca712ac6c
df28fccbafb244dd6825a3eb86ec470c874a19fa978031c470f2280a5a319a5c
e07503fbfe0432dee49b8ba31ccb4304840531fc23e1980f2ba996eea35565f4
e35694e1ea4c6cd874243c3640f05fa9d0bf2bbcc1485f3fa3f2bdc912c52321
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b18e9aef52e9405612bd233a8053fd0ddf9f9ce93114050fe5679dd139b1bb
eaba4b4abd328e741b5f29285b8f02aa23e898ce682a087ae06b8fa9ae74d4ac
eeaae984e35cea0766b14d58b0e0772bb2f9887b1043b53f6b51a6867b5809ce
f1089c1ea202e6e874ec81064f0c861e25430fb40f2628bbefd961275a6fa16c
f654af26f1da85e5db59410ba75fbfcd77027c6e1b890a0e921acec6f185b4c8
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

ihvesticion.website Open in urlscan Pro 2606:4700:3034::ac43:87bf Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

70 Requests

100 %HTTPS

50 %IPv6

9 Domains

14 Subdomains

13 IPs

3 Countries

10662 kBTransfer

14142 kBSize

3 Cookies

1 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ihvesticion.website Open in urlscan Pro
2606:4700:3034::ac43:87bf Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

14
Subdomains

13
IPs

3
Countries

10662 kB
Transfer

14142 kB
Size

3
Cookies

70 HTTP transactions
1 data transactions