davalka.cc Open in urlscan Pro
2606:4700:3031::6815:2897 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://davalka.cc/video/5389/
Submission Tags: falconsandbox
Submission: On March 25 via api (March 25th 2024, 8:06:05 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 38 domains to perform 99 HTTP transactions. The main IP is 2606:4700:3031::6815:2897, located in United States and belongs to CLOUDFLARENET, US. The main domain is davalka.cc.
TLS certificate: Issued by E1 on February 22nd 2024. Valid for: 3 months.

This is the only time davalka.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::6815:2897	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	172.67.152.236 172.67.152.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	88.208.22.2 88.208.22.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	82.148.12.69 82.148.12.69	50340 (SELECTEL-MSK) (SELECTEL-MSK)
9	2a05:93c4:27::1 2a05:93c4:27::1	7979 (SERVERS-COM) (SERVERS-COM)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	193.200.64.162 193.200.64.162	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2	172.67.160.81 172.67.160.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.203.95.45 116.203.95.45	24940 (HETZNER-AS) (HETZNER-AS)
6	2606:4700:303... 2606:4700:3033::ac43:99e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	78.47.199.210 78.47.199.210	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3032::ac43:ae33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	168.119.25.102 168.119.25.102	24940 (HETZNER-AS) (HETZNER-AS)
4	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 1	67.216.91.3 67.216.91.3	35415 (WEBZILLA) (WEBZILLA)
1	67.216.89.35 67.216.89.35	35415 (WEBZILLA) (WEBZILLA)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:128:7:48... 2a02:128:7:4860::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	109.206.176.116 109.206.176.116	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:b4a:1:6::5 2a02:b4a:1:6::5	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.33 45.133.44.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
99	30

1 2606:4700:3031::6815:2897 (United States)

ASN13335 (CLOUDFLARENET, US)

davalka.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.152.236 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

davalka.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.22.2 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

31825.novemberadventures.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a788d8a3de.7411603f57.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.canstrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.148.12.69 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

pornogoogle.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a05:93c4:27::1 (Netherlands)

ASN7979 (SERVERS-COM, US)

rdrctgoweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mikellli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
riamiavid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybmrtrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

vidosikov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.162 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

jkha742.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.160.81 (United States)

ASN13335 (CLOUDFLARENET, US)

69v.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

vidosikov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

vidosikov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.95.45 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.95.203.116.clients.your-server.de

stat.clickfrog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::ac43:99e0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.1qu.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.47.199.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.210.199.47.78.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.102 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.102.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:e0:19cb::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

76b8aba987.265ccb08af.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.216.91.3 (United States) 1 redirects

ASN35415 (WEBZILLA, NL)

cdnbuy.bidonmajet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.216.89.35 (United States)

ASN35415 (WEBZILLA, NL)
PTR: 1f1-23-d3360-35.webazilla.com

1-965-12242-1.b.cdn13.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:4860::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

vast.yomeno.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.176.116 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 116.176.serverel.net

porn4fap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:6::5 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

vowggy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5241::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

kts.cvastico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	davalka.cc 1 redirects davalka.cc	353 KB
7	vidosikov.com vidosikov.com	173 KB
6	1qu.info cdn.1qu.info	219 KB
5	novemberadventures.name 31825.novemberadventures.name — Cisco Umbrella Rank: 800823	15 KB
4	265ccb08af.com 76b8aba987.265ccb08af.com	3 KB
4	rdrctgoweb.com rdrctgoweb.com — Cisco Umbrella Rank: 258250	36 KB
3	gstatic.com fonts.gstatic.com	142 KB
3	pornogoogle.info pornogoogle.info	7 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 25231	2 KB
2	yomeno.xyz vast.yomeno.xyz — Cisco Umbrella Rank: 40169	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 112	3 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 25988	430 B
2	canstrm.com js.canstrm.com — Cisco Umbrella Rank: 86733	58 KB
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 46649	153 KB
2	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 10507	2 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 138
2	riamiavid.com riamiavid.com — Cisco Umbrella Rank: 105774	23 KB
2	69v.club 69v.club — Cisco Umbrella Rank: 510564	5 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8777	2 KB
2	mikellli.com mikellli.com — Cisco Umbrella Rank: 474098	21 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 11416	36 KB
1	cvastico.com kts.cvastico.com — Cisco Umbrella Rank: 55074
1	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 12575	28 KB
1	vowggy.xyz 1 redirects vowggy.xyz	137 B
1	porn4fap.com porn4fap.com — Cisco Umbrella Rank: 390663
1	cdn13.com 1-965-12242-1.b.cdn13.com — Cisco Umbrella Rank: 434109	78 KB
1	bidonmajet.com 1 redirects cdnbuy.bidonmajet.com — Cisco Umbrella Rank: 135697	347 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 24929	201 B
1	7411603f57.com a788d8a3de.7411603f57.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 21273
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 27366	238 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 37604	4 KB
1	clickfrog.ru stat.clickfrog.ru — Cisco Umbrella Rank: 798665	334 B
1	mybmrtrg.com mybmrtrg.com — Cisco Umbrella Rank: 468196
1	jkha742.xyz jkha742.xyz — Cisco Umbrella Rank: 115391	193 B
0	google.com Failed accounts.google.com — Cisco Umbrella Rank: 64 Failed
0	facebook.com Failed www.facebook.com Failed
0	reallifeforyouandme_block.com Failed reallifeforyouandme_block.com Failed
99	38

	Domain	Requested by
27	davalka.cc	1 redirects davalka.cc
7	vidosikov.com	davalka.cc vidosikov.com
6	cdn.1qu.info
5	31825.novemberadventures.name	davalka.cc 31825.novemberadventures.name
4	76b8aba987.265ccb08af.com	js.wpushsdk.com
4	rdrctgoweb.com	davalka.cc rdrctgoweb.com
3	fonts.gstatic.com	fonts.googleapis.com
3	pornogoogle.info	davalka.cc pornogoogle.info
2	static.bookmsg.com
2	vast.yomeno.xyz	js.canstrm.com
2	fonts.googleapis.com	client
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.canstrm.com	js.wpadmngr.com js.canstrm.com
2	js.wpushsdk.com	js.wpadmngr.com js.wpushsdk.com
2	notification.tubecup.net	js.wpadmngr.com
2	pagead2.googlesyndication.com	31825.novemberadventures.name
2	riamiavid.com	mikellli.com rdrctgoweb.com
2	69v.club	davalka.cc 69v.club
2	counter.yadro.ru	1 redirects
2	mikellli.com	davalka.cc mikellli.com
2	js.wpadmngr.com	davalka.cc js.wpadmngr.com
1	kts.cvastico.com	js.canstrm.com
1	i.wmgtr.com
1	vowggy.xyz	1 redirects
1	porn4fap.com	js.canstrm.com
1	1-965-12242-1.b.cdn13.com
1	cdnbuy.bidonmajet.com	1 redirects
1	nereserv.com	js.wpushsdk.com
1	a788d8a3de.7411603f57.com	js.wpadmngr.com
1	storage.multstorage.com	js.wpadmngr.com
1	js.capndr.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	stat.clickfrog.ru	davalka.cc
1	mybmrtrg.com	mikellli.com
1	jkha742.xyz	davalka.cc
0	accounts.google.com Failed
0	www.facebook.com Failed
0	reallifeforyouandme_block.com Failed	davalka.cc
99	38

This site contains links to these domains. Also see Links.

Domain
1qe.info
en.davalka.cc
uk.davalka.cc
tr.davalka.cc
de.davalka.cc
fr.davalka.cc
ja.davalka.cc
it.davalka.cc
es.davalka.cc
hi.davalka.cc
pics-tube.icu
sexs-foto.xyz
davalka.pro
www.liveinternet.ru

Subject Issuer	Validity	Valid
davalka.cc E1	`2024-02-22` - `2024-05-22`	3 months	crt.sh
*.novemberadventures.name R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
js.wpadmngr.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
pornogoogle.info R3	`2024-03-06` - `2024-06-04`	3 months	crt.sh
rdrctgoweb.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
mikellli.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
vidosikov.com GTS CA 1P5	`2024-02-08` - `2024-05-08`	3 months	crt.sh
jkha742.xyz R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
69v.club GTS CA 1P5	`2024-02-03` - `2024-05-03`	3 months	crt.sh
riamiavid.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
mybmrtrg.com R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
stat.clickfrog.ru R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
1qu.info GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
na.nawpush.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
js.capndr.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
a788d8a3de.7411603f57.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
js.wpushsdk.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
js.canstrm.com R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
265ccb08af.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
vast.yomeno.xyz R3	`2024-03-23` - `2024-06-21`	3 months	crt.sh
porn4fap.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
static.bookmsg.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
kts.cvastico.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://davalka.cc/video/5389/
Frame ID: 5FB8314E87691D60AA09BDA440CCB826
Requests: 67 HTTP requests in this frame

Frame: https://davalka.cc/embed/28358
Frame ID: D50FF0119F8D9B7958E052EEE3E48F80
Requests: 22 HTTP requests in this frame

Frame: https://vidosikov.com/player/player_ads.html?advertising_id=0.5336935735946775&adzone=0.7441438155345577
Frame ID: C643852EB17BB44DA82377DD1170421A
Requests: 1 HTTP requests in this frame

Frame: https://davalka.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 67CD0E537562D5F812FBE747891B7A85
Requests: 2 HTTP requests in this frame

Frame: https://riamiavid.com/sweetie/check.min.js
Frame ID: 760D46911525F8305A140BB84BA516D2
Requests: 1 HTTP requests in this frame

Frame: https://mybmrtrg.com/cc
Frame ID: 0D9237F8C9ABE8B7FFEE551BA6D351E1
Requests: 1 HTTP requests in this frame

Frame: https://riamiavid.com/sweetie/check.min.js
Frame ID: 0950AF49D73BDFE8DB409442FC451148
Requests: 1 HTTP requests in this frame

Frame: https://vidosikov.com/player/player_ads.html?advertising_id=0.5336935735946775&adzone=0.7441438155345577
Frame ID: 4F13F38D72A12079B2D56523F1A10FED
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 8270D5C761381367844A7BA78464ADD1
Requests: 1 HTTP requests in this frame

Frame: https://porn4fap.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js
Frame ID: 5BA3B9D6DD118EAE9D104B78F3ABDE3E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 174EFED9B5C1E9CF42C107DFF5A19975
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

😋 Девушка дрочит член парню ( сперма частное ) порно видео онлайн

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

99
Requests

92 %
HTTPS

39 %
IPv6

38
Domains

38
Subdomains

30
IPs

6
Countries

1363 kB
Transfer

2646 kB
Size

4
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://1qe.info/redirect?key=7fnkVe5zSZqST2P3no41Xz&sid=75038752683

Search URL Search Domain Scan URL

URL: http://1qe.info/redirect?key=CvLPibHPkRG7nS5T0e9mhz&sid=75038752685

Search URL Search Domain Scan URL

URL: http://1qe.info/redirect?key=FUEtUupqGgNcRPS19uLGB1&sid=75038752687

Search URL Search Domain Scan URL

URL: http://1qe.info/redirect?key=NeNjDcuAk2BWNGgdZKi7Ph&sid=75038752689

Search URL Search Domain Scan URL

URL: https://en.davalka.cc/video/5389/
Title: English

Search URL Search Domain Scan URL

URL: https://uk.davalka.cc/video/5389/
Title: Український

Search URL Search Domain Scan URL

URL: https://tr.davalka.cc/video/5389/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://de.davalka.cc/video/5389/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://fr.davalka.cc/video/5389/
Title: Français

Search URL Search Domain Scan URL

URL: https://ja.davalka.cc/video/5389/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://it.davalka.cc/video/5389/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://es.davalka.cc/video/5389/
Title: Español

Search URL Search Domain Scan URL

URL: https://hi.davalka.cc/video/5389/
Title: ह िन ्द ी

Search URL Search Domain Scan URL

URL: http://1qe.info/redirect?key=pgUCFqeSsdySsJ3nOqdT18&sid=75038752691

Search URL Search Domain Scan URL

URL: http://1qe.info/redirect?key=GPnwz7bF5kMtf6HLDDdZ8i&sid=75038752697

Search URL Search Domain Scan URL

URL: https://pics-tube.icu/
Title: Порно фото

Search URL Search Domain Scan URL

URL: https://sexs-foto.xyz/chastnoe-photo/
Title: Частное порно фото

Search URL Search Domain Scan URL

URL: https://davalka.pro/
Title: давалки порh

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://counter.yadro.ru/hit?t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B%u0435%u043D%20%u043F%u0430%u0440%u043D%u044E%20%28%20%u0441%u043F%u0435%u0440%u043C%u0430%20%u0447%u0430%u0441%u0442%u043D%u043E%u0435%20%29%20%u043F%u043E%u0440%u043D%u043E%20%u0432%u0438%u0434%u0435%u043E%20%u043E%u043D%u043B%u0430%u0439%u043D;0.5112394049680202 HTTP 302
https://counter.yadro.ru/hit?q;t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B%u0435%u043D%20%u043F%u0430%u0440%u043D%u044E%20%28%20%u0441%u043F%u0435%u0440%u043C%u0430%20%u0447%u0430%u0441%u0442%u043D%u043E%u0435%20%29%20%u043F%u043E%u0440%u043D%u043E%20%u0432%u0438%u0434%u0435%u043E%20%u043E%u043D%u043B%u0430%u0439%u043D;0.5112394049680202

Request Chain 37

https://davalka.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://davalka.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Request Chain 78

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKKhW4I4ajVHaECiFxrtAhyXgotqo9tUJGExEwootLU7DB1T2kOg504xKAoSF8lHlx9Fj_-L1w HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKKywAzIirEeSR4dqQxABiB-k-lt4zrOBuNj1A-n207hmSNF4FWR18T_cMyzTK3z1wXUqKCwtQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1376165988%3A1711397150544392&theme=mn&ddm=0

Request Chain 85

https://cdnbuy.bidonmajet.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5 HTTP 302
https://1-965-12242-1.b.cdn13.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5

Request Chain 98

https://vowggy.xyz/dsp/ph/icm?aid=17548006366103159965&mid=0&sid=1826&t=1711397150&subid=14682170&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.02&cpa=3643db3d-b527-4d16-a97c-8619bea69413&prev_step_diff=587 HTTP 302
https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
davalka.cc/video/5389/ 43 KB
9 KB 82ms
37ms Document
text/html 2606:4700:3031::6815:2897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/video/5389/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 755df44e3394e69c444d8e0216d918d3063f10968546def1b1d66f246939ac94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 119287
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 86a1849668f30b05-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 20:05:49 GMT
expires: Sun, 24 Mar 2024 10:57:42 GMT
last-modified: Sun, 24 Mar 2024 10:57:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkf2NfHH5YY9WDQV3wz2mb7l2kB%2F%2BDMgmMh4xcLCshO2j3UoasHSh%2FlCPrUnkN2S%2Bz1Zep7Fc3M0p%2FrksTPrewzcP%2FhUGEYc3rjXmUzNLxx%2ByRiFIwNKdSYWD9GETTR4VfyN7zZS%2Bynu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3 200 styles.css
davalka.cc/templates/davalka/style/ 28 KB
7 KB 33ms
33ms Stylesheet
text/css 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/style/styles.css
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151c5837f1989c7dc4daadd4629f387d3f09e8d7d1fc5b33e05c2c823f0238b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1048743
cf-polished: origSize=32161
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 30 Aug 2022 17:47:35 GMT
server: cloudflare
etag: W/"630e4d37-7da1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VWsH61xJFIVl5ElJzoTmCt4WUKvXWZ3nRSEV2Pu029bMkbCNOSgEml8sz8Rh%2FafM%2F%2BLDjz16MlQvjx%2BDja4%2FaHlXHXhUNkjsFqE0TigBzKIwBvhStiVKufREA%2BZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 86a18496dfb5b912-AMS

GET
H3 200 engine.css
davalka.cc/templates/davalka/style/ 54 KB
20 KB 51ms
50ms Stylesheet
text/css 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/style/engine.css
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c967bb5d1fbe2c614d86df1b81839addf8207d74f355a1d7b1bab9ea664f8f55

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1039382
cf-polished: origSize=61776
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
server: cloudflare
etag: W/"5f2c1270-f150"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6E5UX%2FCnRpZ8aCiwuxiRiJGE8PbidSxdhTi%2FdK7rAZZTv9VIpDUCYwf8wenviubeq5Ic6Yyg9qIogzaRc%2BtoD%2F4Jn54AafbPXEd3q3ElziKS%2BwxF6JH%2FrrXKWC4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 86a18496dfb7b912-AMS

GET
H3 200 font-awesome.css
davalka.cc/templates/davalka/style/ 23 KB
6 KB 34ms
34ms Stylesheet
text/css 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/style/font-awesome.css
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ea4dfe698af85b8c0be2bea33995932214934666bf103846330a3ed3fda3ce0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1044313
cf-polished: origSize=28747
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
server: cloudflare
etag: W/"5f2c1270-704b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iErM49t8CJxtRH8QjAMKc5gb6GVxblcHMLgEEVk98KMZ6LyV0f4vGMpYN2Zn%2F8gmjJz9Jg12Lr1ok5JkaS2SeXjON1vV%2B7e9qgyC%2B1TNxylnhImXRJfHnp06bDkY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 86a18496dfb8b912-AMS

GET
H3 200 rocket-loader.min.js Show response
davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 20ms
19ms Script
application/javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: davalka.cc
URL: https://davalka.cc/video/5389/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 10:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fc0d6b-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoyOGcHlc0UNGkBzzljDejkHVCjpR3bMYIDHwgk5gcPt5OZNKdKFYyiBCPF%2Bxj9iig6i081fJB5SeaW53G7Kf5pMvSjNxOjUk2FFlVD6b6Cd5CoOxAIeQnCDK8xD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86a184970fe3b912-AMS
expires: Wed, 27 Mar 2024 20:05:49 GMT

GET
H3 200 reset-settings.css
davalka.cc/templates/davalka/style/ 14 KB
4 KB 31ms
30ms Stylesheet
text/css 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/style/reset-settings.css
Requested by: Host: davalka.cc
URL: https://davalka.cc/templates/davalka/style/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f9ef12233a62072c82f27a98fdede602d296f924e23b376a86ae8834870746c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/templates/davalka/style/styles.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1044325
cf-polished: origSize=16031
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:23:44 GMT
server: cloudflare
etag: W/"5f2c1270-3e9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Gs6bGYwWscAEgOh5lh458HuNBofeQ3wz%2B69BMjjYKS5xY7RZ5vR6Kn4SpIJvPn5ST1PToytynuZj08iY6GssnKgAURvXINIjmu%2BhlPSbuuga3lGpk9EsPIAXDtp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 86a184970fe5b912-AMS

GET
H3 200 28358 Show response
davalka.cc/embed/ Frame D50F 6 KB
3 KB 94ms
92ms Document
text/html 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/embed/28358
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 64f891913f807f121748305962b1794373c2b7babc71b239a84c484ea0c94a5c

Request headers

Referer: https://davalka.cc/video/5389/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, must-revalidate
cf-cache-status: MISS
cf-ray: 86a18497a88db912-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 20:05:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 25 Mar 2024 20:05:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czaeFIOnNfUfi4GhMN87RcYFfqEO2BT1xXzSNzO68owxQxvN6CGigZu5KAPFVaI9nx9dWmIwlN0HyyPRk1aSwxlYg4OVGLINLXBYVzHixh0KldbESsw16hDIDgaXO2gl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3 200 logo.png
davalka.cc/templates/davalka/images/ 33 KB
33 KB 27ms
27ms Image
image/png 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://davalka.cc/templates/davalka/images/logo.png
Requested by: Host: davalka.cc
URL: https://davalka.cc/templates/davalka/style/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c78116d28ba955c86c5aea32df53cfb7ded13e90805f4c1ebe8440094d101f8d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/templates/davalka/style/styles.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 07:59:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1050375
etag: "649fdcdc-8244"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shR%2FhTJ7q8n4r9u%2Bo3R0w6uCXl1UE366vn%2B882fbfxiMwRAIA6JtEqgzznv0hr5gxouzc7FLslaPElIcph%2BrRCq06jY3XxCfgFwQQpavaBWYJkJcrCRRAU7NOk5L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 86a18497380fb912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 33348

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/400/ 18 KB
19 KB 42ms
42ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCAPpestL7zcEzshxP6gz4mt4UaGJzwwrN7UG9gxoDUxRrU5eDb5doAX3zgmLQQrqiElPg3SL17JnH%2F2RLKfZDIvo%2F7rRQY3QzMGBrlnsIE%2BxLOxcpTHWqsp%2BQ2f"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184973813b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18664

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/600/ 11 KB
11 KB 59ms
59ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/600/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c444d599115e3671ac128e3627e371ee93001ed1abb42073970a3ea5011101b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k71OpWw85Gen1OlWU%2BlghhxllzNt9GOIY%2FJusjOHWAe3by6zzkTQc9HwoEPg8y%2F0gXPiv8IFOekUKYxjm8YXDqHh0Rdn%2FvtReIhqifvvyYm9WikvdaU3iUgcILR1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184973814b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11044

GET
H3 200 fontawesome-webfont.woff2
davalka.cc/templates/davalka/fonts/ 55 KB
56 KB 27ms
26ms Font
font/woff2 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: davalka.cc
URL: https://davalka.cc/templates/davalka/style/font-awesome.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/templates/davalka/style/font-awesome.css
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Aug 2020 14:23:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1044324
etag: "5f2c1273-ddcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WLRQR5s2fSY0uzP1dpSCCpAiYRDzPHU3ljXc25WtwH2mnN56%2Bs%2F1LOl7rzuRzkov1sQq3EvgBpL52tNCoDNm1WG8z9YIl%2Fs975nLxLoeFQjHQRwfJ3R%2FXHHHUVG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 86a184973816b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 56780

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/300/ 11 KB
11 KB 62ms
62ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/300/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1d57d9b193d8de86d75352646ea1cdf755e7629f9124903e7525f6919135c74

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekOieSbgPiSvO9DIJl0WxDisY6jn2nzLcCUVcy1RBHt028sGDwDRsUlcvagEuGLLDU9fNgSmw8Q3E9Kd5JTsNNn8ar3fMzpDjvd3vi5P7C8rPEeLkVatNgRbItee"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184973818b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10996

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/700/ 11 KB
11 KB 63ms
63ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/700/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 724ba0966f09ccb056c81d08c1980a5171f1dbf804d3c85f8864745bea75ae1e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCVGNRgepXq1PSinOSbWN%2Bv1W5xdlqPeBii2wg%2FgW1Iy0MtlGhmHwCyK%2BX7XvOvIll7ffyG1wqSK0EC91WcYIooFFfafy%2FMSFXx9f7qgJqq98PIzBc4eNfB3UkBv"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184973819b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10872

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/600/ 18 KB
19 KB 62ms
62ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/600/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I94Qqy8Ks%2F6JqTtZlYNSPLZnyVr4Yj15yoXdIWI%2F5XFQbVnoiBxNxuf29x80yaf45s6%2FX3MW7o%2BmHuMNKVt0VT1AzAB%2FudTW%2FEKCZM4si8t5lmMAfvChu%2FCe9Ndu"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a18497481ab912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18628

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/400/ 11 KB
11 KB 65ms
65ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/cyrillic/400/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ng20fsadh7%2FUsmku812NtHGQxQjCUbin6cdBzekX%2B9qid1z51rReVxTMhZXzTXIM%2FFk0iAk6JcJOhvGqDBG%2Bddg1cJPLBjkbQS%2Fs8Nb9yNHqHXSDyZmYVZolCiAT"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184974820b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11084

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/300/ 18 KB
19 KB 63ms
63ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/300/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJdCTRs7KeKWDAncTLo%2FWQ%2FM%2BG1K0YU6lNSpg7O4hjs2xirZVoEGow50xwRUYOzneSocr4RWBWCluBH6DvTM17Fhp6NTBrolLcMm6tUOC%2FCt%2BBku%2FgBTKG0WJ63a"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184974825b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18656

GET
H3 200 normal.woff2
davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/700/ 18 KB
18 KB 64ms
64ms Font
application/octet-stream 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yuNyRkcDykp%2FbXVpI81mklUR2MRrXSwa5g2XK%2BZmy6eW1DYUtsZNNaXz5RinEaTo9cJ7KToftOJTkaNBt77ZaoMNTO36A%2B5EpJFHHJv4Yq2dly4nENauvitaml%2F"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 86a184974828b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18232

GET
H2 200 224959 Show response
31825.novemberadventures.name/v3/a/ipn/js/ 18 KB
6 KB 80ms
14ms Script
application/javascript 88.208.22.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ca1a5546b80841e76c2e3259f218e6cca0f591cdd1ac6f79bf2b4acf38008d2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
accept-ch-lifetime: 31536000
access-control-allow-credentials: true

GET
H2 200 224870 Show response
31825.novemberadventures.name/v3/a/pop/js/ 15 KB
6 KB 83ms
17ms Script
application/javascript 88.208.22.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/pop/js/224870
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f228d347876d805bb31f4af604d8b4ceb7a0f2e1fa155d9d9549141e21dedc02

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 6142

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 2 KB
1 KB 73ms
7ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a79783f2566c23424c5192f91ddcb5bb722dde96ad5f18c91a104ed42373b152

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:49 GMT
date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 13:22:02 GMT
server: nginx/1.18.0
etag: W/"65fd85fa-6ba"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET /
reallifeforyouandme_block.com/services/ 0
0

GET
H3 200 lazyload.js Show response
davalka.cc/templates/davalka/js/ 2 KB
2 KB 59ms
58ms Script
application/javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/js/lazyload.js
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dab35dacfc245899201f41480f280bcddb19f27e2e9224da4e9c185a7f571fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1039381
cf-polished: origSize=2431
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:23:40 GMT
server: cloudflare
etag: W/"5f2c126c-97f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ca0qdsETc5HhFAfYTBSzxwEHuVlry4QROe0R%2Bfr2P%2BL6hoyhC%2FmIanbjIM2XmIeLufnUGz8Sz84LdCVy%2FG%2FOntrrlByMS1uBCSLiPlUUL2SM94X9eNkmjL3zSrLE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 86a18497583ab912-AMS

GET
H2 200 6453 Show response
pornogoogle.info/embed_teaser/9187/ 5 KB
2 KB 238ms
45ms Script
text/html 82.148.12.69
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://pornogoogle.info/embed_teaser/9187/6453

Requested by

Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

82.148.12.69 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx/1.14.2 / Express

Resource Hash

25e403b17a74929b98ab51a93ade83a6473e38c371ccab098cac23c90274874b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
server: nginx/1.14.2
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 6451 Show response
pornogoogle.info/embed_teaser/9187/ 5 KB
2 KB 237ms
45ms Script
text/html 82.148.12.69
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://pornogoogle.info/embed_teaser/9187/6451

Requested by

Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

82.148.12.69 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx/1.14.2 / Express

Resource Hash

25e403b17a74929b98ab51a93ade83a6473e38c371ccab098cac23c90274874b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
server: nginx/1.14.2
x-powered-by: Express
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 libs.js Show response
davalka.cc/templates/davalka/js/ 3 KB
2 KB 59ms
59ms Script
application/javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/js/libs.js
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513f7b6ab64a35c9289db5ca0c11e66b308b9ce9dc202172fef1772a61dd933e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1044293
cf-polished: origSize=3938
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:23:39 GMT
server: cloudflare
etag: W/"5f2c126b-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Zq1k9wcOQzPf8Gcz2QhHuDv0D2W%2BXFXUk5lZxOILibtb4foMJvfmAEnPM8XC%2BritgoW3xvN3pwNbrOIGRaEdQlr7aBxWh2FKlWT3yrq%2FlvXAOajzjK%2Bkwz8nHo8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 86a18497583bb912-AMS

GET
H3 200 index.php Show response
davalka.cc/engine/classes/min/ 24 KB
8 KB 60ms
60ms Script
application/x-javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/engine/classes/min/index.php?charset=utf-8&f=engine/classes/masha/masha.js&19
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 4af1cc6c4612e9ea733ad311f93fcc854ea3ce378302e8de52852be6017a9b2b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323317
x-powered-by: PHP/7.2.34
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:22:31 GMT
server: cloudflare
etag: W/"pub1596723751;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4L1Y%2Btq%2Fn%2FOHD7A7Y5LlYoivEQsRL04wMfJzVr2Gys%2B81nXbw43MreslvGCYFLmPjORVO%2FKDTwcj%2B0QpLeczClNyk%2BChpkIf1t9Fe4LNj9BVJ6zBn9Ix7wmFl%2F1"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 86a18497583cb912-AMS
expires: Sat, 22 Mar 2025 02:17:12 GMT

GET
H3 200 index.php Show response
davalka.cc/engine/classes/min/ 203 KB
63 KB 61ms
60ms Script
application/x-javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/engine/classes/min/index.php?charset=utf-8&g=general&19
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 58ff32fec9bb44fa012e947f3911140b3535152cda48d20e8eb6d6b03c9d5cb2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1048931
cf-polished: origSize=208376
x-powered-by: PHP/7.2.34
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 06 Aug 2020 14:22:32 GMT
server: cloudflare
etag: W/"pub1596723752;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbUvMTiI%2B4ZPUsM2vc4mjpJkWFIcKkYhH9rqpIzsVJBWVwj78AzYpafiOto%2BWxRsli%2BJAf3Ge8eoFqls7BKxh6DKSHrHk3djYBS0xwwe%2BB05N1jVLF9KIZg9gwe7"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 86a18497583db912-AMS
expires: Thu, 13 Mar 2025 16:43:38 GMT

GET
H3 200 rocket-loader.min.js Show response
davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame D50F 12 KB
4 KB 28ms
28ms Script
application/javascript 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: davalka.cc
URL: https://davalka.cc/embed/28358

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/embed/28358
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2024 10:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fc0d6b-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VunF9MbfcggwcAJyqnI8XUEopenjzg6ds9a0Idm946SlaqvAAM3Ya5fczO1OYiBjRz7EjSslmXvwlp5ElDtK0qkUqDTYdS2AXl6rgl%2BLQ2bUPOE4aEspaPcztSN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86a18498899bb912-AMS
expires: Wed, 27 Mar 2024 20:05:49 GMT

GET
H2 200 hello.min.js Show response
rdrctgoweb.com/sweetie/ Frame D50F 91 KB
31 KB 98ms
42ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Requested by

Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

b1e7885b7e52914720b2b7c57eec1b536ab410bb7122e06bbc4bdd3cdd9d87d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 08:57:59 GMT
server: nginx/1.21.6
etag: W/"65af7f97-16d59"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 04 Apr 2024 20:05:49 GMT

GET
H2 200 article.min.js Show response
mikellli.com/who/ Frame D50F 48 KB
20 KB 86ms
27ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mikellli.com/who/article.min.js?id=1674651160

Requested by

Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a0ac529020d1dfb6df5c0a7232ab0696474fe93b4f230063e31bac0465eb47b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 04:51:33 GMT
server: nginx/1.21.6
etag: W/"62c66655-bea3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 04 Apr 2024 20:05:49 GMT

GET
H2 200 kt_player.js Show response
vidosikov.com/player/ Frame D50F 159 KB
58 KB 72ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8193b7e4f8b45ff8f3764bc4f2bc035bb34da7ef9bb56d1fa85a5515b4663e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 258262
etag: W/"5ffdb3e2-27caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8FwWeCUR7qmzoPFnDhsSetj5z4LoClL%2FPq51kXvmgYoD6T0tcraVL%2BJ2CLgVexpduTKaZrUj9ShQepfF3D8oX3RxonVFh%2FLQKS4J8goWV3X8kkknoNn4XlhWJJJmTMsrT2KFWxTzFrWEDkTE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 86a18498ee719c0d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Mar 2024 20:21:27 GMT

GET
H3 200 favicon.png
davalka.cc/templates/davalka/images/ 5 KB
5 KB 29ms
27ms Other
image/png 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/templates/davalka/images/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c77ce116b93c433c48f164efec8ffa01121d1c5300efb7d872ba25fe50f27e91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/video/5389/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Aug 2020 14:23:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1048741
etag: "5f2c126d-135d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1I3PHPjfSTCp1vib9Ht2g3mGufLZGJLR%2FOgPYEeKKDEKJQQ5cxIbtUhrt0zKTCMepgKm%2BSBzyK4Qfrx%2BBAW1trh78pQ0DC%2B%2BIc6O36Xyf%2F7Jy9fS95%2FP3qromTh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 86a18498d9dfb912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4957

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B%u...
https://counter.yadro.ru/hit?q;t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B...

133 B
619 B

44ms
44ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B%u0435%u043D%20%u043F%u0430%u0440%u043D%u044E%20%28%20%u0441%u043F%u0435%u0440%u043C%u0430%20%u0447%u0430%u0441%u0442%u043D%u043E%u0435%20%29%20%u043F%u043E%u0440%u043D%u043E%20%u0432%u0438%u0434%u0435%u043E%20%u043E%u043D%u043B%u0430%u0439%u043D;0.5112394049680202

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://davalka.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 20:05:49 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 133
Expires: Sat, 25 Mar 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Mar 2024 20:05:49 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t40.6;r;s800*600*24;uhttps%3A//davalka.cc/video/5389/;h%uD83D%uDE0B%20%u0414%u0435%u0432%u0443%u0448%u043A%u0430%20%u0434%u0440%u043E%u0447%u0438%u0442%20%u0447%u043B%u0435%u043D%20%u043F%u0430%u0440%u043D%u044E%20%28%20%u0441%u043F%u0435%u0440%u043C%u0430%20%u0447%u0430%u0441%u0442%u043D%u043E%u0435%20%29%20%u043F%u043E%u0440%u043D%u043E%20%u0432%u0438%u0434%u0435%u043E%20%u043E%u043D%u043B%u0430%u0439%u043D;0.5112394049680202
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 25 Mar 2023 21:00:00 GMT

GET
H2 200 / Show response
jkha742.xyz/wcm/ 0
193 B 51ms
16ms Script
text/plain 193.200.64.162
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://jkha742.xyz/wcm/?sh=davalka.cc&sth=7ab3624698f0bee984b8077f8dcf8922&d=e3b000ffe39c980c475b4478201afaac&m=02bd1f51ae5382fc49fdfe0471886ae4&sid=731_457567_362161108&stime=426.10&curpage=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&rand=0.30068306877401807
Requested by: Host: davalka.cc
URL: https://davalka.cc/video/5389/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.162 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:49 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa TIA"
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-msr: TRUE
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 goclick Show response
69v.club/dear_code/9187/ 9 KB
4 KB 155ms
125ms Script
text/html 172.67.160.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://69v.club/dear_code/9187/goclick?t=every_sec&c=&ref=

Requested by

Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.160.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2af7a6e853edeeafad1e8f32bbf16b5c24878f90bf61d58694db196a07170228

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ogn1pF7ZWs46bi7EuYUpTSuCSQYlM95oeLZDUyzXwL%2Bn2jL4iOeU8Oyb3hmK5YKSN93Q9e%2B51nWH5aliJgfH7hdbG8NUp5imUi3qp5UMw27qHWwMLIo10H92bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache
cf-ray: 86a18498fbec36e0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 25 Mar 2024 20:05:48 GMT

GET
H2 200 teaser Show response
pornogoogle.info/banner/9187/ 18 KB
3 KB 117ms
117ms Script
application/javascript 82.148.12.69
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://pornogoogle.info/banner/9187/teaser?callback=MP_TEASER_9187&width=260&refer=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&r=&installation_id[]=6451&installation_id[]=6453&width_id[6451]=1080&width_id[6453]=260&_=1711397149573&start=1711397149539

Requested by

Host: pornogoogle.info
URL: https://pornogoogle.info/embed_teaser/9187/6453

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

82.148.12.69 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

9cf3f26f29e6333dbbfd1f05aef1193e1663b553544251fd7f6b66dcc8bd6fdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
server: nginx/1.14.2
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8

GET
H2 200 youtube.css
vidosikov.com/player/skin/ Frame D50F 28 KB
5 KB 20ms
19ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/skin/youtube.css
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6855b84c0f4f9e12c04fe22ff563fa465862d44e423db6e916d94ca3da927d42

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 266227
etag: W/"5ffdb3e3-70cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COas%2BJMAW5Jufc8jUyO9Hgowyt0naXHZoxAUubuihYw5N3exwdrSJY4xALw6XnUtGuADJRhuqKC9BqoFDSW25%2BsoAh0ymEsekXuej7fq1iFqgBvr%2BmOP%2F1n7Gt2o%2FE8p%2BId%2BvV99oBHEdwHs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 86a184993ef49c0d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Mar 2024 18:08:42 GMT

GET player_ads.html
vidosikov.com/player/ Frame C643 0
0

GET
H3

200

main.js Show response
davalka.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 67CD
Redirect Chain

https://davalka.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://davalka.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

25ms
24ms

Script
application/javascript

172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://davalka.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Protocol

Server

172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff33166d12bc8e46a4eea3f47641bec1f45264f63574a19456f47ed034964a46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSbVemrY0725AUajWdgYlhP43rzPa8DZnUgItThku4udS7OyGu1n6wN%2F1sMKWOSqIjGWR2MJZadghfDxFxko0d6EQyqmPZQIDpha96hMH9NfjdCdNz1ErnqmMeye"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86a184998a96b912-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 25 Mar 2024 20:05:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHt8QrWwj6pxcyY%2F87a4EVc7DnN%2BZ3%2BZgxKdc0d9ZShdDQyj7qZiMWlaQWn%2B2mAdZaWCkN0goAqrI5B9zV3cu8Nsd%2F3aJRl6foguMzgyGUBiDI5Edeeov%2FRrgwzs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
cf-ray: 86a184995a6cb912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 check.min.js Show response
riamiavid.com/sweetie/ Frame 760D 35 KB
12 KB 99ms
39ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://riamiavid.com/sweetie/check.min.js

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:24:27 GMT
server: nginx/1.21.6
etag: W/"6503179b-8d3c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 04 Apr 2024 20:05:49 GMT

GET
H2 200 cc
mybmrtrg.com/ Frame 0D92 0
0 88ms
29ms Document
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mybmrtrg.com/cc

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://davalka.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-origin
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 20:05:49 GMT
server: nginx/1.21.6
x-frame-options: SAMEORIGIN

GET
H2 200 check.min.js Show response
riamiavid.com/sweetie/ Frame 0950 35 KB
12 KB 85ms
41ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://riamiavid.com/sweetie/check.min.js

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:24:27 GMT
server: nginx/1.21.6
etag: W/"6503179b-8d3c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 04 Apr 2024 20:05:49 GMT

GET
DATA 200
OK truncated
/ Frame D50F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ktplayeryt.ttf
vidosikov.com/player/skin/fonts/ Frame D50F 2 KB
2 KB 61ms
39ms Font
application/font-sfnt 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/skin/fonts/ktplayeryt.ttf?wqseia
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/skin/youtube.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf86d8eb9277b69e2c6202ca711c3b19c64a2a9a8cf4ba7bc33bdecacfb8a0b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vidosikov.com/player/skin/youtube.css
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8d8-5b8b4f21a7ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzHlNHYFktNDaHAkaLp7V5XM7Fc6JJhDR9gx6AH5ro4jZ133uuXcv3r%2BprRtxENBTJsGCKg00X5tFEd06LtDq%2BKinVrADdjhS4VIVWEXTb3u9Fp16pgtdVXnipVoLoqq"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 86a18499bd7d362d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 preview.mp4.jpg
vidosikov.com/contents/videos_screenshots/28000/28358/ Frame D50F 103 KB
103 KB 26ms
26ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/contents/videos_screenshots/28000/28358/preview.mp4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0ab10c669936edfb6affbf71d1263ad8936209088dbed5601df0b2e0da9f3e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Thu, 21 Apr 2022 07:33:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 140355
etag: W/"626108ad-19bb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MgnMebYfJ5Y9F6QXXM95bcN8SJK36cH%2BbI99g34v2dxQ55Z8WNbkcS%2FMar05HyW6Q3I3VE8lXC56zv7CnxeRDmKPcX5%2Fw0lC1eaxP%2BwDCb14kgTbF6jbdNNDd03vvYXx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 86a18499ab043c9b-CDG
alt-svc: h3=":443"; ma=86400
expires: Mon, 01 Apr 2024 05:06:34 GMT

GET
H2 404 player_ads.html
vidosikov.com/player/ Frame 4F13 0
0 59ms
58ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.5336935735946775&adzone=0.7441438155345577
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash

Request headers

Referer: https://davalka.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86a18499a8801cbf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 20:05:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBGoeHYe0Lw%2Ft%2BPsQsrjlzqErwXe%2BfTQAuvgDEXUGpuyHj8iS3neyx2M8oWF1j9qLiB2AgcsrFUZLQ7IQG5h40E4A%2BJcsgQ54L%2FNFgcZYDzL5JoTDxFrbpW7GFs18W8VkrWJBR3%2FPuxto0rf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3 200 play_white.png
vidosikov.com/player/skin/img/ Frame D50F 4 KB
4 KB 74ms
74ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/player/skin/img/play_white.png
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/skin/youtube.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13296a19c623cff752620a9f03aa2b920a13ea08a1d2292ebd423a2e0feeb2c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://vidosikov.com/player/skin/youtube.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 523810
etag: W/"5ffdb3e3-e5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQZU0UiugATvmYauzT1ij%2B%2BDCNOrVoUrhRsMhYQdrzR8aDWu6mc9HF3l9Tb0Wh5twt%2Fkq60xLVd3UOsDknerLTqPaImP7HnPOuRqqCmyICSV2eaJZW8V2Pa5kHisQZoR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
cf-ray: 86a18499ab0c3c9b-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Mar 2024 18:35:39 GMT

GET
DATA 200
OK truncated
/ Frame D50F 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 stats.php
vidosikov.com/player/ Frame D50F 43 B
441 B 71ms
71ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/player/stats.php?embed=1&device_type=2&event=PlayerLoad,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ug%2FdjvqiTyt5nWbxxT%2FG79WEH31Eem%2BpwFyMU0ytF8EneU%2FuAvWFjqLWBkvB3u1yhbJkN55Px1y9eC7IXJ6cYujsIUu7voC20VocmiznDs0V3EiHxiim6xRlFOLKkNaN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 86a18499bb1b3c9b-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 cmin.js Show response
stat.clickfrog.ru/ 0
334 B 35ms
8ms Script
text/html 116.203.95.45
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.clickfrog.ru/cmin.js?ma_di=18835&up=9187&r=0.6082119401485839

Requested by

Host: davalka.cc
URL: https://davalka.cc/video/5389/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

116.203.95.45 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.45.95.203.116.clients.your-server.de

Software

nginx / PHP/5.4.45

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Mon, 25 Mar 2024 20:05:49 GMT

GET
H2 200 tZNwO7Ly1ST1IAMvfw3m.gif
cdn.1qu.info/banners/tZ/Nw/ 61 KB
61 KB 230ms
177ms Image
image/gif 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/tZ/Nw/tZNwO7Ly1ST1IAMvfw3m.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71351895de2940632adf0499176d4cebcdb25eaca7e689e2b0e1a424233a8f03

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2020 13:32:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e26fd72-f2f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yze8jc1CQKRB62Lq5PmOlbPzcGtKFXBXnjV2E9fNhLNCKjVWIwT%2B2njr5vDNPj8MJ6ZRmb8Dy%2F5NlhU6ujPvyOEyyVZerboXlytBb1IGDJdlGDNW59yrhf1eadTxXIFaIhmAUKuDFAfu9Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 86a1849a0c1f2c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 62197

GET
H2 200 160x160
cdn.1qu.info/banners/Bx/as/Bxas81vLzVTO96zQjRTu.gif/r/ 18 KB
18 KB 162ms
110ms Image
image/gif 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/Bx/as/Bxas81vLzVTO96zQjRTu.gif/r/160x160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 305465b97bf6cb59ebf3d22e46bff29e6d7fc564e47c1f170c9a97be612bac5f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Jan 2020 13:30:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e26fcff-75f7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Itczw22%2BuvSmBhJIZje5uSm%2BEBra%2BZiJOuUGU2BLXqlLuiWplhyzu63y%2BkY5kdmDCHeblFaFsngqJRRf26XfhzI%2BqdNiIQVKYNl7JhxkkldGSIcY3ZaKwvrWvb7l0qD8foEM8PZMiQCM9pU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 86a1849a0c222c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18327

GET
H2 200 HuYfbGG3tuiBPCnYSo16.gif
cdn.1qu.info/banners/Hu/Yf/ 40 KB
40 KB 243ms
191ms Image
image/gif 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/Hu/Yf/HuYfbGG3tuiBPCnYSo16.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c195211a2ff6d5da164f18c3755397746cde65bee8b4b78e06813fc1d474313

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2020 13:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e26fccb-9e62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6byZPbcmygzQDZZE8sIFTYK%2FXuJ0nkSMcIPlgQP%2BkVJqna3HkH48NZYz%2BYF%2FrEWGqosOyHFJWgMxR9o3cNkdvDwAM3wBDywZ55p%2F%2Fr%2BDClLVqM4iwR2oMnW4xzFHDArzYQF4sbPCBAhciM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 86a1849a0c242c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40546

GET
H2 200 160x160
cdn.1qu.info/banners/AU/gL/AUgLJdnpxRx7SCVk3fPx.gif/r/ 19 KB
19 KB 204ms
151ms Image
image/gif 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/AU/gL/AUgLJdnpxRx7SCVk3fPx.gif/r/160x160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 407f536ee7f4e3763f61f300c058c64d63395ac00db571a51674bc1ae3a9185c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Jan 2020 13:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e26fce1-7d8e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rO1m2vdw41sQNG0rb%2BjwFQ2wNtB%2F7DKtgsZ4SCprZ10PsKPJtQwRdCGCoys0H1zQxMnppFMvZTphF%2B62juCcxM5oTToup%2BSgPR3APf6PKkxgfuIowVGj64Xu66j%2FLaMukkS1MwsWpqJ%2Fzcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 86a1849a0c2a2c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19093

GET
H2 200 160x160
cdn.1qu.info/banners/1Y/t7/1Yt7cbAWdYN8QCwx93F9.jpg/r/ 4 KB
5 KB 237ms
184ms Image
image/jpeg 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/1Y/t7/1Yt7cbAWdYN8QCwx93F9.jpg/r/160x160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59e75bcd612a370c286ed11f955277c411edebc066c6323ce57ca0829b7076d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 21 Jan 2020 13:31:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5e26fd17-2abc"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2FAylS8WSE%2Fq2stBu%2F9%2BpndqbsP9163fLZ7cSa7rcVvn44WwQSG1HTUriAE0g9kpAIWN%2BF%2FlsLwluAAK9Km98FKGhqm923mlM2sFE9yUDATHIFoaJtsFAU%2FlxgAs5%2BXSZbphna%2BxvsokUvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 86a1849a0c282c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4496

GET
H2 200 XDa6ffZKX8NLvaPiW7Ec.gif
cdn.1qu.info/banners/XD/a6/ 75 KB
76 KB 246ms
193ms Image
image/gif 2606:4700:3033::ac43:99e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.1qu.info/banners/XD/a6/XDa6ffZKX8NLvaPiW7Ec.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:99e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1569592184caf6ecb7fdcabc1068d79fd8f8d997f0d1d00b7364d783b82560f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Jan 2020 13:31:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e26fd43-12dfb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AcKBIL%2BSlOaMgrNKzecydpmnmteLpa0FMHmINqGdBwqedfwVCxDxAP2uoMxi8VsmPBMHXZeoX6705Eb19Uo3Zh4t8ui49zjfl7qicQx9XTCyaVaWNWfr09Z0M%2F11gqQGo0bvlwRwvBlWaHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 86a1849a0c2b2c25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 77307

POST
H3 200 86a18497d9626613 Show response
davalka.cc/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 67CD 0
574 B 67ms
66ms XHR
text/plain 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://davalka.cc/cdn-cgi/challenge-platform/h/g/jsd/r/86a18497d9626613
Requested by: Host: davalka.cc
URL: https://davalka.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6ILj04bR3guA5hAYeOhdDrzHUxluFf7a8aBZSGTGi%2Floq2uPli3%2Bfnj5Qt19st5%2FkMWPWQf7z7DxUF2F4VkG149au1CNNxkop3bJbDTnhCMalAAKcfwu5CkPetH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86a1849a0b45b912-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 marker.png
davalka.cc/templates/davalka/dleimages/ 2 KB
2 KB 31ms
28ms Image
image/png 172.67.152.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://davalka.cc/templates/davalka/dleimages/marker.png
Requested by: Host: davalka.cc
URL: https://davalka.cc/templates/davalka/style/engine.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.152.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/templates/davalka/style/engine.css
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Aug 2020 14:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1039358
etag: "5f2c126f-75b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I87t64VX5i8V8EHUuftE7bRzgKKtjnQgZO5%2F1ErBiRXuDw5gxhRDVXaMpZD7oiAz3djD%2Bc5ZsfykNAfIfzRYQSQZz99vbUXeTtGCAUVE6bEMaWGphFcsaNnEi5%2FE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 86a1849a2b74b912-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1883

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 106 KB
35 KB 13ms
13ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7476f09f40ca3c0e6da1c090efe8cf627f06a0f40673fa327465f4552ba86fdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:49 GMT
date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 13:22:06 GMT
server: nginx/1.18.0
etag: W/"65fd85fe-1a995"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 73ms
52ms Fetch
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/pop/js/224870

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50998
x-xss-protection: 0
server: cafe
etag: 11898989689917398158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 25 Mar 2024 20:05:49 GMT

GET login.php
www.facebook.com/ 0
0

HEAD
H3 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 50ms
49ms Fetch
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50999
x-xss-protection: 0
server: cafe
etag: 12613594117362578362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 25 Mar 2024 20:05:49 GMT

GET
H2 204 224959 Show response
31825.novemberadventures.name/v3/a/ipn/xch/ 0
328 B 48ms
17ms XHR
text/plain 88.208.22.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/xch/224959?subID=&pageUri=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&referer=&abl=0&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%22800%22%2C%22600%22%2C%22800%22%2C%22600%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221113%22%2C%221600%22%2C%221113%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Mar%2025%202024%2021%3A05%3A49%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
access-control-allow-origin: https://davalka.cc
access-control-allow-credentials: true

GET
H2 204 224959 Show response
31825.novemberadventures.name/v3/a/ipn/xch/ 0
327 B 23ms
16ms XHR
text/plain 88.208.22.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/xch/224959?subID=&pageUri=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&referer=&abl=0&remnant=1&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%22800%22%2C%22600%22%2C%22800%22%2C%22600%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221113%22%2C%221600%22%2C%221113%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Mar%2025%202024%2021%3A05%3A49%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:49 GMT
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
access-control-allow-origin: https://davalka.cc
access-control-allow-credentials: true

GET
H3 200 9187 Show response
69v.club/show/clickunder/ 611 B
973 B 231ms
231ms Script
application/javascript 172.67.160.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://69v.club/show/clickunder/9187?callback=__MPAY_CLICKUNDER_CALLBACK__&url=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&referrer=&time=1711397149767

Requested by

Host: 69v.club
URL: https://69v.club/dear_code/9187/goclick?t=every_sec&c=&ref=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.160.81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec5de29180fdbf89af95fc3cba8e16edcca3775a5ce6ce14326743a9abab2a48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CV47qC4qXUuqaukVFJrzzJzjNCXExiqFPnvDryfaCe%2BvI5o1roerEfRGORuagW4N7lS1ixSGA2KhIQewXn10Qyd%2F4LwguaGHQS0H5A4OZRRxWQRt7OFZVSwJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cf-ray: 86a1849b8f1a36e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 23626 Show response
na.nawpush.com/tags/ 3 KB
4 KB 36ms
8ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/23626?version_name=d
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3f20a759241a4586563561c34aaa106a47305136f44daf910ee1f956ca2c273d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 20:05:50 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
x-proxy-cache: HIT

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
238 B 33ms
7ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:50 GMT
date: Mon, 25 Mar 2024 20:05:50 GMT
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
etag: "64b105fd-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 6322 Show response
rdrctgoweb.com/osvald/ Frame D50F 42 B
383 B 42ms
42ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/osvald/6322?n=bmxRoGz&ab=0&ts=1711397150292&fg=cbbdff0505b1656ece6e0169ec100289&&rt=0&id=1711397150292&tz=-60&ps=1711397149322&meta%5Bwidth%5D=800&meta%5Bheight%5D=600&meta%5Bratio%5D=1&meta%5Bram%5D=8&meta%5Bgpu%5D=Intel%20Iris%20OpenGL%20Engine&meta%5BcolorDepth%5D=24&meta%5Bgamut%5D=srgb&meta%5Bcores%5D=17&meta%5BhashG%5D=7363124689&meta%5BhashC%5D=14.680&meta%5Bhints%5D%5Barchitecture%5D=x86&meta%5Bhints%5D%5Bbitness%5D=64&meta%5Bhints%5D%5Bbrands%5D%5B0%5D%5Bbrand%5D=Google%20Chrome&meta%5Bhints%5D%5Bbrands%5D%5B0%5D%5Bversion%5D=123&meta%5Bhints%5D%5Bbrands%5D%5B1%5D%5Bbrand%5D=Not%3AA-Brand&meta%5Bhints%5D%5Bbrands%5D%5B1%5D%5Bversion%5D=8&meta%5Bhints%5D%5Bbrands%5D%5B2%5D%5Bbrand%5D=Chromium&meta%5Bhints%5D%5Bbrands%5D%5B2%5D%5Bversion%5D=123&meta%5Bhints%5D%5BfullVersionList%5D%5B0%5D%5Bbrand%5D=Google%20Chrome&meta%5Bhints%5D%5BfullVersionList%5D%5B0%5D%5Bversion%5D=123.0.6312.58&meta%5Bhints%5D%5BfullVersionList%5D%5B1%5D%5Bbrand%5D=Not%3AA-Brand&meta%5Bhints%5D%5BfullVersionList%5D%5B1%5D%5Bversion%5D=8.0.0.0&meta%5Bhints%5D%5BfullVersionList%5D%5B2%5D%5Bbrand%5D=Chromium&meta%5Bhints%5D%5BfullVersionList%5D%5B2%5D%5Bversion%5D=123.0.6312.58&meta%5Bhints%5D%5Bmobile%5D=0&meta%5Bhints%5D%5Bplatform%5D=Win32&meta%5Bhints%5D%5BplatformVersion%5D=10.0.0&meta%5Bhints%5D%5BuaFullVersion%5D=123.0.6312.58&meta%5Bhints%5D%5Bwow64%5D=0&action=init

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

270fdb6410492879aca3036773565424390849f6b6a2b60b2274f572cee39b35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 sigma Show response
mikellli.com/ Frame D50F 236 B
513 B 362ms
362ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mikellli.com/sigma?n=bmGH9wA&site=6320&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&r=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&location=https%3A%2F%2Fdavalka.cc%2Fembed%2F28358&ab=false&fg=cbbdff0505b1656ece6e0169ec100289&rt=false&ts=1711397150316&title=28358&hardwareLogical=17&orientation=landscape&orientationAngle=0&resolution=800x600&screenWidth=800&screenHeight=600&devicePixelRatio=1&description=null&keywords=null

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

77a17943bcd23ad2b403d77dd44150ebd91a7f9dbd86d9e175f1692136f452e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 tags Show response
notification.tubecup.net/ 4 KB
2 KB 35ms
14ms XHR
application/json 78.47.199.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=23626&timezone_olson=Europe/Berlin&version_name=d&med_script_id=87&page=https%3A//davalka.cc/video/5389/
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.199.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.210.199.47.78.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: febd13c4ff5272c6be4b8eb8e64b626d699628a46abaa944e844262be915492c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: br
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 1310

GET
H2 200 count.html
storage.multstorage.com/log/ Frame 8270 0
0 364ms
37ms Document
text/html 2606:4700:3032::ac43:ae33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://davalka.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86a1849fec0c9a24-FRA
content-encoding: br
content-type: text/html
date: Mon, 25 Mar 2024 20:05:50 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3LjP4tl8fqLYo6eOdPO8oyVNA3gstcZiLz8FrRQKKDBm4g%2BDPc5fDHuQ%2FNlkzqBNWPxKz52cdHeezWKrBWWhRjOhDVKR%2FNQWLqOrSznUNTTfybjlfzSfUk9iIDMXBniyfvDsdNwx%2BHHxqzkJVRrbFvw1lbGPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 2e7c3025201e2730cfff45597584637c

GET
H2 200 track Show response
a788d8a3de.7411603f57.com/in/ 0
207 B 310ms
22ms XHR
text/plain 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a788d8a3de.7411603f57.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIyODg1MDg2MzQwNzUyMzg0MDAiLCJ0aW1lem9uZSI6MSwidmVyIjoiMy4xMTQuMCIsInRhZ19pZCI6MjM2MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiODAweDYwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXVyb3BlL0JlcmxpbiIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM1LCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRjAlOUYlOTglOEIlMkMlRDAlOTQlRDAlQjUlRDAlQjIlRDElODMlRDElODglRDAlQkElRDAlQjAlMkMlRDAlQjQlRDElODAlRDAlQkUlRDElODclRDAlQjglRDElODIlMkMlRDElODclRDAlQkIlRDAlQjUlRDAlQkQlMkMlRDAlQkYlRDAlQjAlRDElODAlRDAlQkQlRDElOEUlMkMoJTJDJUQxJTgxJUQwJUJGJUQwJUI1JUQxJTgwJUQwJUJDJUQwJUIwJTJDJUQxJTg3JUQwJUIwJUQxJTgxJUQxJTgyJUQwJUJEJUQwJUJFJUQwJUI1JTJDKSUyQyVEMCVCRiVEMCVCRSVEMSU4MCVEMCVCRCVEMCVCRSUyQyVEMCVCMiVEMCVCOCVEMCVCNCVEMCVCNSVEMCVCRSUyQyVEMCVCRSVEMCVCRCVEMCVCQiVEMCVCMCVEMCVCOSVEMCVCRCUyQyVEMCU5QSVEMSU4MCVEMSU4MyVEMSU4MiVEMCVCRSVEMCVCNSUyQyVEMSU4NyVEMCVCMCVEMSU4MSVEMSU4MiVEMCVCRCVEMCVCRSVEMCVCNSUyQyVEMCVCMiVEMCVCOCVEMCVCNCVEMCVCNSVEMCVCRSUyQyVEMSU4MSUyQyVEMCVCNCVEMSU4MCVEMCVCRSVEMSU4NyVEMCVCQSVEMCVCRSVEMCVCOSUyQyVEMSU4NyVEMCVCQiVEMCVCNSVEMCVCRCVEMCVCMCUyQyVEMCVCRCVEMCVCMCUyQyVEMCVCQSVEMCVCRSVEMSU4MiVEMCVCRSVEMSU4MCVEMCVCRSVEMCVCQyUyQyVEMCVCMiVEMCVCOCVEMCVCNCVEMCVCRCVEMCVCRSUyQyVEMCVCQSVEMCVCMCVEMCVCQSUyQyVEMCVCNCVEMCVCNSVEMCVCMiVEMSU4MyVEMSU4OCVEMCVCQSVEMCVCMCUyQyVEMSU4MCVEMCVCMCVEMSU4MSVEMSU4MiVEMCVCNSVEMCVCMyVEMCVCRCVEMSU4MyVEMCVCQiVEMCVCMCUyQyVEMSU4OCVEMCVCOCVEMSU4MCVEMCVCOCVEMCVCRCVEMCVCQSVEMSU4MyUyQyVEMSU4MSVEMCVCMiVEMCVCRSVEMCVCNSVEMCVCQyVEMSU4MyUyQyVEMCVCNCVEMSU4MCVEMSU4MyVEMCVCMyVEMSU4MyUyQyVEMCVCNCVEMCVCRSVEMSU4MSVEMSU4MiVEMCVCMCVEMCVCQiVEMCVCMCUyQyVEMCVCNSVEMCVCMyVEMCVCRSUyQyVEMSU4NyVEMCVCQiVEMCVCNSVEMCVCRCUyQyVEMCVCOCUyQyVEMCVCRiVEMSU4MCVEMCVCRSVEMSU4MSVEMSU4MiVEMCVCRSUyQyVEMCVCRCVEMCVCMCVEMSU4NyVEMCVCMCVEMCVCQiVEMCVCMCUyQyVEMCVCNSVEMCVCMyVEMCVCRSUyQyVEMCVCNCVEMSU4MCVEMCVCRSVEMSU4NyVEMCVCOCVEMSU4MiVEMSU4QyUyQyVEMCVCRiVEMCVCMCVEMSU4MCVEMCVCNSVEMCVCRCVEMSU4QyUyQyVEMCVCRiVEMSU4MCVEMCVCRSVEMSU4MSVEMSU4MiVEMCVCRSUyQyVEMSU4MSVEMCVCRCVEMCVCOCVEMCVCQyVEMCVCMCVEMCVCQiUyQyVEMCVCRCVEMCVCMCVEMCVCMiVEMCVCOCVEMCVCNCVEMCVCNSVEMCVCRSUyQyVEMCVCRiVEMCVCRSVEMCVCQiVEMSU4MyVEMSU4NyVEMCVCMCVEMCVCQiUyQyVEMSU4MyVEMCVCNCVEMCVCRSVEMCVCMiVEMCVCRSVEMCVCQiVEMSU4QyVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCOCVEMCVCNSUyQyVEMCVCOCUyQyVEMCVCMiJ9
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:50 GMT
server: nginx/1.20.2
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 204 info
notification.tubecup.net/med/ 0
197 B 7ms
7ms Image
text/plain 78.47.199.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notification.tubecup.net/med/info?tag_id=23626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.47.199.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.210.199.47.78.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:50 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type

GET
H2 200 npush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 162 KB
45 KB 43ms
7ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d0fd0955e5dcedeea614dc1ebf5d34db3d1c2d69225e7535041f6a090f4bb68

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:50 GMT
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 10:27:24 GMT
server: nginx/1.18.0
etag: W/"65fd5d0c-28936"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.js Show response
js.canstrm.com/in-stream-ad-admanager/ 18 KB
7 KB 288ms
12ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 46a1b5b6c612f50b5f3242014e763383d967b4431e21b9015e912af4423be48f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:50 GMT
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Mar 2024 12:52:34 GMT
server: nginx/1.18.0
etag: W/"66017392-4762"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 60 B
430 B 26ms
8ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=23626
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a28cfc0fc5a38aa93c88a3df7d3bc9ebcba7a8c4e0c518243d9917dcfba8d209

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Mon, 25 Mar 2024 20:05:50 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://davalka.cc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 43ms
8ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=23626
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://davalka.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://davalka.cc
Connection: keep-alive
Date: Mon, 25 Mar 2024 20:05:50 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 nmain.m.js Show response
js.wpushsdk.com/skins/ 459 KB
108 KB 9ms
9ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/skins/nmain.m.js
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e48f9fa2d05db0d1c450fea8f640b1aebc6c4430ef1a5b54bb6506679f334030

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:50 GMT
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2024 10:31:25 GMT
server: nginx/1.18.0
etag: W/"65fabafd-72c52"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKKhW4I4ajVHaECiFxrtAhyXgotqo9tUJGExEwootLU7DB1T2kOg504xK...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKKywAzIirEeSR4dqQxABiB-k-lt4zrOBuNj1A-n207hmSNF4FWR18T_cMyzTK3z1wXUqKCwtQ&passive...

0
0

GET
H2 200 6322 Show response
rdrctgoweb.com/osvald/ Frame D50F 8 KB
5 KB 174ms
173ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/osvald/6322?n=bmvmXvQ&ab=0&ts=1711397150487&fg=cbbdff0505b1656ece6e0169ec100289&&rt=0&id=1711397150292&tz=-60&ps=1711397149322&meta%5Bwidth%5D=800&meta%5Bheight%5D=600&meta%5Bratio%5D=1&meta%5Bram%5D=8&meta%5Bgpu%5D=Intel%20Iris%20OpenGL%20Engine&meta%5BcolorDepth%5D=24&meta%5Bgamut%5D=srgb&meta%5Bcores%5D=17&meta%5BhashG%5D=7363124689&meta%5BhashC%5D=14.680&meta%5Bhints%5D%5Barchitecture%5D=x86&meta%5Bhints%5D%5Bbitness%5D=64&meta%5Bhints%5D%5Bbrands%5D%5B0%5D%5Bbrand%5D=Google%20Chrome&meta%5Bhints%5D%5Bbrands%5D%5B0%5D%5Bversion%5D=123&meta%5Bhints%5D%5Bbrands%5D%5B1%5D%5Bbrand%5D=Not%3AA-Brand&meta%5Bhints%5D%5Bbrands%5D%5B1%5D%5Bversion%5D=8&meta%5Bhints%5D%5Bbrands%5D%5B2%5D%5Bbrand%5D=Chromium&meta%5Bhints%5D%5Bbrands%5D%5B2%5D%5Bversion%5D=123&meta%5Bhints%5D%5BfullVersionList%5D%5B0%5D%5Bbrand%5D=Google%20Chrome&meta%5Bhints%5D%5BfullVersionList%5D%5B0%5D%5Bversion%5D=123.0.6312.58&meta%5Bhints%5D%5BfullVersionList%5D%5B1%5D%5Bbrand%5D=Not%3AA-Brand&meta%5Bhints%5D%5BfullVersionList%5D%5B1%5D%5Bversion%5D=8.0.0.0&meta%5Bhints%5D%5BfullVersionList%5D%5B2%5D%5Bbrand%5D=Chromium&meta%5Bhints%5D%5BfullVersionList%5D%5B2%5D%5Bversion%5D=123.0.6312.58&meta%5Bhints%5D%5Bmobile%5D=0&meta%5Bhints%5D%5Bplatform%5D=Win32&meta%5Bhints%5D%5BplatformVersion%5D=10.0.0&meta%5Bhints%5D%5BuaFullVersion%5D=123.0.6312.58&meta%5Bhints%5D%5Bwow64%5D=0&action=link&userAgent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36&r=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&location=https%3A%2F%2Fdavalka.cc%2Fembed%2F28358&title=28358&hardwareLogical=17&orientation=landscape&orientationAngle=0&resolution=800x600&screenWidth=800&screenHeight=600&devicePixelRatio=1&&

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

1e1442b06213cb9a4420f79aacbce7af5adf1cd97e26c97fe3d081281fbfcc68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 23ms
6ms XHR
text/plain 168.119.25.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=1344cc81-a760-445c-ba16-8cdae29b3dca&subid=1246705633&sid=3080070508&spot_id=17117&created_at=2024-03-25&timezone=1&ver=8.155.0&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.102 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.102.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:50 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 multy Show response
76b8aba987.265ccb08af.com/in/ 24 KB
3 KB 522ms
522ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://76b8aba987.265ccb08af.com/in/multy
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2413e4d26735f9b1aba71555cdc417b5d2fd952b3b8f25de0794ed2862c394ff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:51 GMT
content-encoding: gzip
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 2825

OPTIONS
H2 204 multy
76b8aba987.265ccb08af.com/in/ Frame 0
0 58ms
25ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://76b8aba987.265ccb08af.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://davalka.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Mon, 25 Mar 2024 20:05:50 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

GET
H2 200 css2
fonts.googleapis.com/ Frame D50F 23 KB
2 KB 45ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 19:02:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 20:05:50 GMT

GET
H2 200 icon
fonts.googleapis.com/ Frame D50F 591 B
781 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons:wght@300;400;600;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b21138e1f122349ced0a6a46d6d2d87534cde4ab4a7900f404a4552c0b41d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 20:05:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Mar 2024 20:05:50 GMT

GET
H2

200

6185ba3966dfe92201b641471067884b.gif
1-965-12242-1.b.cdn13.com/61/85/ Frame D50F
Redirect Chain

https://cdnbuy.bidonmajet.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5
https://1-965-12242-1.b.cdn13.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5

77 KB
78 KB

92ms
17ms

Image
image/gif

67.216.89.35
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1-965-12242-1.b.cdn13.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5
Protocol: H2
Server: 67.216.89.35 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS: 1f1-23-d3360-35.webazilla.com
Software: ucdn/1.24.0 /
Resource Hash: e5b77f255cd95569b4a00c777d4f4e272c18b8a9ca561437d8ca928eb4374cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://davalka.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 20:05:50 GMT
x-openstack-request-id: txd263ae9dee5f42c980b94-0065f316cb
content-length: 79201
x-trans-id: txd263ae9dee5f42c980b94-0065f316cb
last-modified: Wed, 01 Jun 2022 09:53:30 GMT
server: ucdn/1.24.0
x-ureq-id: iGdXh0p4jsirXbA0mc5/5j0y28/UR56/ETKWefxruAa7ikNKVuPTCjuknQBC5dzD9uMkMLxbmXw4LDkZCXZWDU/dMRYCrsxeJbh9lRee3Jo=
etag: "6185ba3966dfe92201b641471067884b"
x-served-from: l1
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/gif
x-vhostid: 1497, 11715
access-control-allow-origin: *
x-timestamp: 1654077209.57229
cache-control: max-age=13143860
accept-ranges: bytes
expires: Sat, 24 Aug 2024 23:10:10 GMT

Redirect headers

date: Mon, 25 Mar 2024 20:05:50 GMT
server: ucdn/1.24.0
x-ureq-id: iGdXh0p4jsirXbA0mc5/5j0y28/UR56/ETKWefxruAbkujq93PJeXkXfHmVYU75aBsBx0BwoEI3NNoKUxLJv4g==
x-served-from: origin
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/html
location: https://1-965-12242-1.b.cdn13.com/61/85/6185ba3966dfe92201b641471067884b.gif?cdn_hash=d81a06788c5730750e3852c0124c3367&cdn_net=2a01:4a0:2b::5
access-control-allow-origin: *
x-vhostid: 11392
content-length: 144

GET
H2 200 clickadilla-vast.min.js Show response
js.canstrm.com/pb/downloads/latest/ 146 KB
50 KB 11ms
11ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8d9e74ce4b71fe2207e40ca98034299c70f90059e37ccd525883b705f2f74e44

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Mon, 25 Mar 2024 20:10:50 GMT
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
last-modified: Mon, 25 Mar 2024 12:52:34 GMT
server: nginx/1.18.0
etag: W/"66017392-24676"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame D50F 47 KB
47 KB 42ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 587697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame D50F 47 KB
48 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 587697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame D50F 47 KB
47 KB 38ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://davalka.cc
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 00:50:53 GMT
x-content-type-options: nosniff
age: 587697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 00:50:53 GMT

OPTIONS
H2 204 vast
vast.yomeno.xyz/ Frame 0
0 54ms
17ms Preflight
text/plain 2a02:128:7:4860::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/vast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://davalka.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://davalka.cc
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 25 Mar 2024 20:05:49 GMT
server: nginx/1.20.1

POST
H2 200 vast Show response
vast.yomeno.xyz/ 3 KB
2 KB 285ms
285ms XHR
application/json 2a02:128:7:4860::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/vast
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e5e7decc6389c5ec9a48af0b7f666dd04815ed026fb9c14c9f085936f3b6c6aa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:50 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding, *
content-type: application/json; charset=utf-8
access-control-allow-origin: https://davalka.cc
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 v.html
porn4fap.com/ Frame 5BA3 0
0 112ms
27ms Document
text/html 109.206.176.116
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://porn4fap.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.116 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 116.176.serverel.net
Software: nginx/1.23.1 /
Resource Hash

Request headers

Referer: https://davalka.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Mar 2024 20:05:51 GMT
etag: W/"66017392-b60"
expires: Mon, 25 Mar 2024 20:10:01 GMT
last-modified: Mon, 25 Mar 2024 12:52:34 GMT
server: nginx/1.23.1
x-nginx-cache-status: HIT
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
699 B 337ms
10ms Image
image/webp 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=c6d3cdf8-4f83-4442-ac26-d029f03e31e1&prev_step_diff=587
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 25 Mar 2025 20:05:51 GMT
date: Mon, 25 Mar 2024 20:05:51 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 337ms
10ms Image
image/webp 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 25 Mar 2025 20:05:51 GMT
date: Mon, 25 Mar 2024 20:05:51 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
76b8aba987.265ccb08af.com/in/show/ 0
201 B 14ms
4ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://76b8aba987.265ccb08af.com/in/show/?tag_ab=d&site_id=3117117&adblock=0&testab=1&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&refdom=davalka.cc&auction_time=1711397150&subid=1246705633&sid=3080070508&tcid=0&ver=8.155.0&ver_c=&spot_id=17117&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-25&iabcat=IAB25-3&keywords=adult&user_fp=15045080816121483769&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1246705633%26spot_id%3D17117%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdavalka.cc%252Fvideo%252F5389%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1246705633%26spot_id%3D17117%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdavalka.cc%252Fvideo%252F5389%252F%26idzone%3D0%26sid%3D1886&icons=T8Owqfg5H6mbtlOtGhNYET363jWpkn511nPTbnM-x5wofTbSmDzie_dOv1QSSYqyoL0ssrcnO6L0MoAizKvremh9q5Pm8El0Cl2VIyCdFH_dlLdQYJiGjJcNRmAYFMEAjI4hsARUh-PBR84aaR_Zof5dfb2S8rVDPay_SroTJPvv82V-OA&ext_cid=0&px_id=17117&min_cpm=0.022952441618171577&out_id=1&campaign_type=pop-default&aid=0&cid=2957&uniq=&mid=3455318398395959700&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.02295244161817158&cpm=0&verify_hash=fd6e6878237dd1b91cd4448ac029a8d3&is_native=4&real_bid=0.000472989&original_bid_usd=0.000472989&original_bid=0.000472989&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36&ip_mismatch=2a01:4a0:2b::5&geo=DE&carrier=-&label_ids=0,114,20,27,108&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.000472989&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.000000472989&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=418ab85b-5208-4b93-98b7-dbdc0330f95c&prev_step_diff=587
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:51 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame 174E 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
76b8aba987.265ccb08af.com/in/show/ 0
200 B 4ms
4ms Image
text/plain 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://76b8aba987.265ccb08af.com/in/show/?tag_ab=d&site_id=3117117&adblock=0&testab=1&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&refdom=davalka.cc&auction_time=1711397150&subid=1246705633&sid=3080070508&tcid=0&ver=8.155.0&ver_c=&spot_id=17117&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-25&iabcat=IAB25-3&keywords=adult&user_fp=15045080816121483769&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1246705633%26spot_id%3D17117%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fdavalka.cc%252Fvideo%252F5389%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=94982391&crtid=45aacb05b799f81e7d27b64c2097d0ee&url=https%3A%2F%2Fvowggy.xyz%2Fdsp%2Fph%2Fclcm%3Faid%3D17548006366103159965%26mid%3D0%26t%3D1711397150%26s%3D1094150%26sid%3D1826&icons=HE7epJ57nqHlK4S99ZouQLa2m8x99Zqel6aBxIbsn725B5pmynO5X3UfCbpRbkj29ca5QJC-aXbb1q-i6CUqYIVKg5yomt9rSfIquTaKD4w4IqrxBhnmKvsqMmnS_q9ihzZVanl1d9sD-RilhyRYVPJ6E0-8FmRRaPSFkRHBCxianOArKGYJOYE&ext_cid=0&px_id=14682170&min_cpm=0.0007919002199010445&out_id=0&campaign_type=hq&aid=2085&cid=16408&uniq=&mid=3455318398395959700&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.010550164107565228&cpm=0&verify_hash=987f5b21bd2c4b52657d5f9332512810&is_native=1&real_bid=0.006301439809799184&original_bid_usd=0.0072&original_bid=0.0072&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F123.0.0.0%20Safari%2F537.36&ip_mismatch=2a01:4a0:2b::5&geo=DE&carrier=-&label_ids=4,90,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=&site=native-push-adult&price=0.0072&hostname=auc-inpage-hz-11-c&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Berlin&topics=&historical_keywords=&pop_cpc=0.0000072000000000000005&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.02&cpa=ebb8d6c5-9337-439e-a928-a7bb3d262bb6&prev_step_diff=587
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 20:05:51 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
i.wmgtr.com/cic/ Frame 174E
Redirect Chain

https://vowggy.xyz/dsp/ph/icm?aid=17548006366103159965&mid=0&sid=1826&t=1711397150&subid=14682170&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=...
https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

28 KB
28 KB

35ms
6ms

Image
image/png

45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png

Protocol

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

09959f401dbec86370932a57cc491685741bd4b6c7df2f344e680a0bb4b6177d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

expires: Tue, 26 Mar 2024 19:05:51 GMT
date: Mon, 25 Mar 2024 20:05:51 GMT
content-encoding: gzip
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/_F_oKtsSfl2JoVvYpP6iZx1D1K6EwOID.png
date: Mon, 25 Mar 2024 20:05:51 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 204 /
kts.cvastico.com/in/vmon/ 0
0 53ms
15ms Fetch 2a02:128:7:5241::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kts.cvastico.com/in/vmon/?title=In-stream%20Ad&system=SSP%20LINK%20Wrapper%2CClickadilla%2CClickadilla&type=vast&mediafile=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F696%2F696496%2FomQivt46.mp4&click=https%3A%2F%2Fdeq.denebalgiedi.top%2F%3Fpl%3DkT4A6zYfe0u28gwjXLADiw%26sub_id%3Dporn4fap.com&katds_ep=gilozyS-0i88ghpX213OaHdaw7G50YnLPXzUgV05fprlSkqt2oz4qa5oTEbSkF-Iz5lMxu6nNntPx5hVxxcw0PtS6FYIXm-eqsoBDUJGyHSkJqZiy5KlghphkB3bpsHS4tBrde4
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:5241::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://davalka.cc
pragma: no-cache
date: Mon, 25 Mar 2024 20:05:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
vary: *

GET
H2 200 push-in-impression
rdrctgoweb.com/ Frame D50F 43 B
180 B 71ms
71ms Image
image/gif 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rdrctgoweb.com/push-in-impression?key=84d68397-31c6-4841-b17b-abf13c329172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 25 Mar 2024 20:05:51 GMT
access-control-allow-credentials: true
server: nginx/1.21.6
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 jCxCBoY3PQ_iZtdxoEWUMWYX08lW-dyNfPlYfo_FTpcXZ87BpNhX9MjdUdFjet2aw4sCIfhz1Km9SOC0HuPvaS6VmqTFpLmDbQMQLr8kJHpgv8pDrn4pUQxMqUurnasc0BT6t8c Show response
31825.novemberadventures.name/ 2 KB
2 KB 16ms
15ms XHR
text/plain 88.208.22.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/jCxCBoY3PQ_iZtdxoEWUMWYX08lW-dyNfPlYfo_FTpcXZ87BpNhX9MjdUdFjet2aw4sCIfhz1Km9SOC0HuPvaS6VmqTFpLmDbQMQLr8kJHpgv8pDrn4pUQxMqUurnasc0BT6t8c?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fdavalka.cc%2Fvideo%2F5389%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%22800%22%2C%22600%22%2C%22800%22%2C%22600%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221113%22%2C%221600%22%2C%221113%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Mon%20Mar%2025%202024%2021%3A05%3A49%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/pop/js/224870
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2e0afafbc1849ce53d9cd190ec6b1a07962d9f2987965022de8d60888ffa5f5e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://davalka.cc/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 25 Mar 2024 20:05:52 GMT
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
last-modified: Mon, 25 Mar 2024 20:05:52 UTC
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://davalka.cc
accept-ch-lifetime: 31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Mon, 25 Mar 2024 20:05:52 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: reallifeforyouandme_block.com
URL: https://reallifeforyouandme_block.com/services/?id=159907

Domain: vidosikov.com
URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.5336935735946775&adzone=0.7441438155345577

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKKywAzIirEeSR4dqQxABiB-k-lt4zrOBuNj1A-n207hmSNF4FWR18T_cMyzTK3z1wXUqKCwtQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1376165988%3A1711397150544392&theme=mn&ddm=0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 04:07:30	Name: FTID Value: 1c0TaT0kUg8m1c0TaT001Pe7
.yadro.ru/	1970-01-21 04:07:30	Name: VID Value: 1F9MYG0-QGOm1c0TaT0013sT
.davalka.cc/	1970-01-21 04:08:53	Name: cf_clearance Value: DCJMetuKduPKUHe4oVcY5H8awdEFJjHKNrdCzyjeefk-1711397149-1.0.1.1-7kAXscfxq5RdMvvlu8J9AWa06SnrlO1_kKH2VtdMcRN9Z1RjaMfCiZWqEYMu1WQK1u73jOedUpk4vO6hqj3LbQ
fp.metricswpsh.com/	1970-01-21 04:08:53	Name: id Value: 1643141483951416277

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reallifeforyouandme_block.com/services/?id=159907 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://davalka.cc/embed/28358 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://davalka.cc/video/5389/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://davalka.cc/video/5389/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://davalka.cc/video/5389/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
deprecation	warning	URL: https://davalka.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other	warning	URL: https://davalka.cc/video/5389/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1-965-12242-1.b.cdn13.com
31825.novemberadventures.name
69v.club
76b8aba987.265ccb08af.com
a788d8a3de.7411603f57.com
accounts.google.com
cdn.1qu.info
cdnbuy.bidonmajet.com
counter.yadro.ru
davalka.cc
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
i.wmgtr.com
jkha742.xyz
js.canstrm.com
js.capndr.com
js.wpadmngr.com
js.wpushsdk.com
kts.cvastico.com
mikellli.com
mybmrtrg.com
na.nawpush.com
nereserv.com
notification.tubecup.net
pagead2.googlesyndication.com
porn4fap.com
pornogoogle.info
rdrctgoweb.com
reallifeforyouandme_block.com
riamiavid.com
stat.clickfrog.ru
static.bookmsg.com
storage.multstorage.com
vast.yomeno.xyz
vidosikov.com
vowggy.xyz
www.facebook.com
accounts.google.com
reallifeforyouandme_block.com
vidosikov.com
www.facebook.com
109.206.176.116
116.203.95.45
142.250.185.130
157.90.84.242
168.119.25.102
172.67.152.236
172.67.160.81
188.114.96.3
193.200.64.162
2606:4700:3031::6815:2897
2606:4700:3032::ac43:ae33
2606:4700:3033::ac43:99e0
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a01:4f8:e0:19cb::1
2a02:128:7:4860::2
2a02:128:7:5241::2
2a02:b4a:1:6::5
2a05:93c4:27::1
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.24
45.133.44.33
45.133.44.52
45.133.44.53
67.216.89.35
67.216.91.3
78.47.199.210
82.148.12.69
88.208.22.2
88.212.201.198
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
09959f401dbec86370932a57cc491685741bd4b6c7df2f344e680a0bb4b6177d
151c5837f1989c7dc4daadd4629f387d3f09e8d7d1fc5b33e05c2c823f0238b9
18c72b42c630259e7f589c515f8cf986f14dc6f4cb1b75c92042c68d47a7f79f
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
1e1442b06213cb9a4420f79aacbce7af5adf1cd97e26c97fe3d081281fbfcc68
1ea4dfe698af85b8c0be2bea33995932214934666bf103846330a3ed3fda3ce0
2413e4d26735f9b1aba71555cdc417b5d2fd952b3b8f25de0794ed2862c394ff
25e403b17a74929b98ab51a93ade83a6473e38c371ccab098cac23c90274874b
270fdb6410492879aca3036773565424390849f6b6a2b60b2274f572cee39b35
2af7a6e853edeeafad1e8f32bbf16b5c24878f90bf61d58694db196a07170228
2e0afafbc1849ce53d9cd190ec6b1a07962d9f2987965022de8d60888ffa5f5e
305465b97bf6cb59ebf3d22e46bff29e6d7fc564e47c1f170c9a97be612bac5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f20a759241a4586563561c34aaa106a47305136f44daf910ee1f956ca2c273d
407f536ee7f4e3763f61f300c058c64d63395ac00db571a51674bc1ae3a9185c
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
46a1b5b6c612f50b5f3242014e763383d967b4431e21b9015e912af4423be48f
4af1cc6c4612e9ea733ad311f93fcc854ea3ce378302e8de52852be6017a9b2b
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
513f7b6ab64a35c9289db5ca0c11e66b308b9ce9dc202172fef1772a61dd933e
58ff32fec9bb44fa012e947f3911140b3535152cda48d20e8eb6d6b03c9d5cb2
59e75bcd612a370c286ed11f955277c411edebc066c6323ce57ca0829b7076d4
5dab35dacfc245899201f41480f280bcddb19f27e2e9224da4e9c185a7f571fe
64f891913f807f121748305962b1794373c2b7babc71b239a84c484ea0c94a5c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6855b84c0f4f9e12c04fe22ff563fa465862d44e423db6e916d94ca3da927d42
6b21138e1f122349ced0a6a46d6d2d87534cde4ab4a7900f404a4552c0b41d46
6c444d599115e3671ac128e3627e371ee93001ed1abb42073970a3ea5011101b
6ca1a5546b80841e76c2e3259f218e6cca0f591cdd1ac6f79bf2b4acf38008d2
6ca843c8152080da9858beb844feafe1264162fa3285d61286251ef9be1537e6
6d0fd0955e5dcedeea614dc1ebf5d34db3d1c2d69225e7535041f6a090f4bb68
6f9ef12233a62072c82f27a98fdede602d296f924e23b376a86ae8834870746c
71351895de2940632adf0499176d4cebcdb25eaca7e689e2b0e1a424233a8f03
724ba0966f09ccb056c81d08c1980a5171f1dbf804d3c85f8864745bea75ae1e
7476f09f40ca3c0e6da1c090efe8cf627f06a0f40673fa327465f4552ba86fdc
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
755df44e3394e69c444d8e0216d918d3063f10968546def1b1d66f246939ac94
77a17943bcd23ad2b403d77dd44150ebd91a7f9dbd86d9e175f1692136f452e1
7c195211a2ff6d5da164f18c3755397746cde65bee8b4b78e06813fc1d474313
85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e
8d9e74ce4b71fe2207e40ca98034299c70f90059e37ccd525883b705f2f74e44
9cf3f26f29e6333dbbfd1f05aef1193e1663b553544251fd7f6b66dcc8bd6fdb
a0ac529020d1dfb6df5c0a7232ab0696474fe93b4f230063e31bac0465eb47b3
a28cfc0fc5a38aa93c88a3df7d3bc9ebcba7a8c4e0c518243d9917dcfba8d209
a79783f2566c23424c5192f91ddcb5bb722dde96ad5f18c91a104ed42373b152
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8193b7e4f8b45ff8f3764bc4f2bc035bb34da7ef9bb56d1fa85a5515b4663e
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b1569592184caf6ecb7fdcabc1068d79fd8f8d997f0d1d00b7364d783b82560f
b1d57d9b193d8de86d75352646ea1cdf755e7629f9124903e7525f6919135c74
b1e7885b7e52914720b2b7c57eec1b536ab410bb7122e06bbc4bdd3cdd9d87d1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bf86d8eb9277b69e2c6202ca711c3b19c64a2a9a8cf4ba7bc33bdecacfb8a0b2
c77ce116b93c433c48f164efec8ffa01121d1c5300efb7d872ba25fe50f27e91
c78116d28ba955c86c5aea32df53cfb7ded13e90805f4c1ebe8440094d101f8d
c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f
c967bb5d1fbe2c614d86df1b81839addf8207d74f355a1d7b1bab9ea664f8f55
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0ab10c669936edfb6affbf71d1263ad8936209088dbed5601df0b2e0da9f3e
e13296a19c623cff752620a9f03aa2b920a13ea08a1d2292ebd423a2e0feeb2c
e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f9fa2d05db0d1c450fea8f640b1aebc6c4430ef1a5b54bb6506679f334030
e5b77f255cd95569b4a00c777d4f4e272c18b8a9ca561437d8ca928eb4374cb0
e5e7decc6389c5ec9a48af0b7f666dd04815ed026fb9c14c9f085936f3b6c6aa
e88f421b2498fd4ff75eeb6df1d0e8b5e1f038007350ad968d4f258cbe50a02c
ec5de29180fdbf89af95fc3cba8e16edcca3775a5ce6ce14326743a9abab2a48
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f228d347876d805bb31f4af604d8b4ceb7a0f2e1fa155d9d9549141e21dedc02
febd13c4ff5272c6be4b8eb8e64b626d699628a46abaa944e844262be915492c
ff33166d12bc8e46a4eea3f47641bec1f45264f63574a19456f47ed034964a46

davalka.cc Open in urlscan Pro 2606:4700:3031::6815:2897 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

92 %HTTPS

39 %IPv6

38 Domains

38 Subdomains

30 IPs

6 Countries

1363 kBTransfer

2646 kBSize

4 Cookies

19 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

davalka.cc Open in urlscan Pro
2606:4700:3031::6815:2897 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

92 %
HTTPS

39 %
IPv6

38
Domains

38
Subdomains

30
IPs

6
Countries

1363 kB
Transfer

2646 kB
Size

4
Cookies

99 HTTP transactions
4 data transactions