ilstream.info Open in urlscan Pro
104.21.46.67 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Submission: On September 18 via manual (September 18th 2021, 8:57:40 am UTC) from RU — Scanned from DE

Summary HTTP 80 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 80 HTTP transactions. The main IP is 104.21.46.67, located in and belongs to CLOUDFLARENET, US. The main domain is ilstream.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 20th 2020. Valid for: a year.

This is the only time ilstream.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.46.67 104.21.46.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.69.41 104.21.69.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	104.18.16.65 104.18.16.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.181.246 142.250.181.246	15169 (GOOGLE) (GOOGLE)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
2	185.156.202.210 185.156.202.210	56388 (AMBER-AS ...) (AMBER-AS ---CLIENTS---)
16	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
2	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	31.13.92.10 31.13.92.10	32934 (FACEBOOK) (FACEBOOK)
1	64.58.116.134 64.58.116.134	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
7	173.194.182.74 173.194.182.74	15169 (GOOGLE) (GOOGLE)
2	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
80	20

6 104.21.46.67 (None, )

ASN13335 (CLOUDFLARENET, US)

ilstream.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.69.41 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.18.16.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.246 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.156.202.210 (Belize)

ASN56388 (AMBER-AS ---CLIENTS---, BZ)

m.uttclimber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.10 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-frt3.facebook.com

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.134 (United States)

ASN7979 (SERVERS-COM, US)

c.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.194.182.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s30-in-f10.1e100.net

r5---sn-4g5e6ns7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	adskeeper.com jsc.adskeeper.com c.adskeeper.com servicer.adskeeper.com s-img.adskeeper.com cm.adskeeper.com	296 KB
14	youtube-nocookie.com www.youtube-nocookie.com	733 KB
8	ytimg.com i.ytimg.com	115 KB
7	googlevideo.com r5---sn-4g5e6ns7.googlevideo.com	789 KB
6	ilstream.info ilstream.info	38 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com stackpath.bootstrapcdn.com	117 KB
2	mgid.com c.mgid.com	1 KB
2	youtube.com www.youtube.com	45 KB
2	uttclimber.com m.uttclimber.com	55 KB
2	facebook.net connect.facebook.net	69 KB
2	siteswithcontent.com cdn.siteswithcontent.com c.siteswithcontent.com	3 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.com www.google.com	13 KB
1	facebook.com web.facebook.com
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	googleapis.com ajax.googleapis.com	30 KB
80	17

	Domain	Requested by
14	www.youtube-nocookie.com	www.youtube.com www.youtube-nocookie.com
9	s-img.adskeeper.com	jsc.adskeeper.com
8	i.ytimg.com	ilstream.info
7	r5---sn-4g5e6ns7.googlevideo.com	www.youtube-nocookie.com
6	ilstream.info	ilstream.info
5	c.adskeeper.com	jsc.adskeeper.com
4	jsc.adskeeper.com	ilstream.info jsc.adskeeper.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	servicer.adskeeper.com	jsc.adskeeper.com
2	www.gstatic.com	www.youtube-nocookie.com www.gstatic.com
2	fonts.gstatic.com	www.youtube-nocookie.com
2	c.mgid.com	cdn.siteswithcontent.com ilstream.info
2	www.youtube.com	ilstream.info www.youtube.com
2	m.uttclimber.com	ilstream.info
2	connect.facebook.net	ilstream.info connect.facebook.net
2	stackpath.bootstrapcdn.com	ilstream.info stackpath.bootstrapcdn.com
2	maxcdn.bootstrapcdn.com	ilstream.info
1	yt3.ggpht.com
1	www.google.com	www.youtube-nocookie.com
1	c.siteswithcontent.com
1	web.facebook.com	connect.facebook.net
1	cdnjs.cloudflare.com	ilstream.info
1	ajax.googleapis.com	ilstream.info
1	cdn.siteswithcontent.com	ilstream.info
80	24

This site contains links to these domains. Also see Links.

Domain
www.adskeeper.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-20` - `2021-12-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
uttclimber.com R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
siteswithcontent.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh

This page contains 6 frames:

Primary Page: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Frame ID: 857EC2A5E37E2AFE80E207EF1E210BD4
Requests: 47 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: 6F7187E4FD09150218AD1AC71D1C1665
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
Frame ID: DB5A0AD94B4F204981DE8AB85F14B97E
Requests: 30 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: 92508D6FF01AB50A51EFD98758795BB4
Requests: 2 HTTP requests in this frame

Frame: https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfffc9f71e42eb8%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2bd5cf048a19%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
Frame ID: D1BE82252CB60BB84BD732A9688EB2B8
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1631955454424382721520
Frame ID: D41576B1E986248596A3FCEFF857EC99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Павел Ширшов о движении «Ветераны боевых действий за справедливость»

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

20
IPs

4
Countries

2352 kB
Transfer

5237 kB
Size

12
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.adskeeper.com/ghits/8164912/i/57511976/2/src/2701347968/pp/1/1?h=TG-Fvlcf1uBTfr1Cl45R5CIf_cKFORIM5TEgV3ry05_UPncSV0WzhxdQSx28JVuK&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193502/i/57511976/2/src/2701347968/pp/2/1?h=TG-Fvlcf1uBTfr1Cl45R5CBTe88ScYki9dheDPlC2lLfCn7XdhGEqbppIRrjloqY&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193504/i/57511976/2/src/2701347968/pp/3/1?h=TG-Fvlcf1uBTfr1Cl45R5GSLU_fyDef2plIdLp-Fy0qFKDK-rSYaolvO8Eiuk9O8&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164865/i/57511976/2/src/2701347968/pp/4/1?h=TG-Fvlcf1uBTfr1Cl45R5F_CoCNXT2fz9-CTTG3KbcpFi6G4IxpcIhTZsxz3FWSL&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164883/i/57511976/2/src/2701347968/pp/5/1?h=TG-Fvlcf1uBTfr1Cl45R5NQC6VbM_FdjTq1CeAv4mKEuLxPfg-MTxYnj9JrtKXrK&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8193496/i/57511976/2/src/2701347968/pp/6/1?h=TG-Fvlcf1uBTfr1Cl45R5I43lJs2Q_pjQAtby5ubFMYuU2bsK5q04Um-iLxGd6sW&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1&muid=l8iy7J5xL5V1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164868/i/57511978/2/src/2701347968/pp/1/1?h=nkdWIrsmMPHCdBWQ4N8oomJtOmPy5VdToevhrC8wqBZjKwxMPWFLJ_S-iHjYC-0E&rid=76f37403-185e-11ec-8fab-2cea7f875b01&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/8164865/i/57511978/2/src/2701347968/pp/2/1?h=nkdWIrsmMPHCdBWQ4N8ool_CoCNXT2fz9-CTTG3Kbcop_ANhv7vrnpk767uXnumY&rid=76f37403-185e-11ec-8fab-2cea7f875b01&tt=Direct&att=3&pubsrcid=ilstream.info&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request eoqKuoGvjpynb3o.html Show response
ilstream.info/white/pavel-ir-ov/ 53 KB
14 KB 1326ms
1239ms Document
text/html 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f848cee8b7545f1f85e0cc3971853d2d66fe7125d5a3ef6174000a283b10cde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ilstream.info
:scheme: https
:path: /white/pavel-ir-ov/eoqKuoGvjpynb3o.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400, no-transform
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 18 Sep 2021 08:57:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3DAxf5ZNE%2BmmXcqp5Re2BoN9BynExMkHbShdIH299cKMGb3y13PsiHqXMwACzBrlUrTcVI3wNhJsUKeDjoxJP%2Bfa4vce2JsokzUIlg3ptj5aFFmZt3qTVzXr%2FvJIHuK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 69095e065e97410d-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 61ms
25ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617
age: 41763
cdn-cachedat: 2021-07-24 16:36:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f3720130497a5a1dda74389a4f277a06
cf-ray: 69095e0e6d394125-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 58ms
22ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 41763
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 11f6b86dc6845b3f5a28525b9d3148d7
cf-ray: 69095e0e6c684113-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 s.css
ilstream.info/css/ 27 KB
6 KB 22ms
21ms Stylesheet
text/css 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/css/s.css

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad01e3bb6314005136e71b9414ac0da20dc2db3a8713b09b2339374b9fb278d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /css/s.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
cf-polished: origSize=28531
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 21 Sep 2019 09:44:57 GMT
server: cloudflare
etag: W/"5d85f119-6f73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZSeYtTxcux96ntOqGkfaTrSY1KqWJZuYP2SAS7mh%2FS8PjZGwtuGUudK8rlmwmmwmWnZ3%2FCgToEl5e55r7fULYz8Vz5HkLenNfiVMitcziNgEmoErrIf%2F%2Fgk12qsEkDx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095e0e2aaa410d-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 subscribe.js Show response
cdn.siteswithcontent.com/js/push/ 4 KB
2 KB 66ms
19ms Script
application/javascript 104.21.69.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siteswithcontent.com/js/push/subscribe.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.69.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-id: cec-up-gc13
date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5237
x-cached-since: 2021-04-21T18:05:10+00:00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 4555WVCZPBFPA11N
x-amz-id-2: a24CW3XmeryphTjfRSCqmlJY2LKepmQkqXOTp4m6ln/06ppVz8CuT7oeh0qpGAROnpheMH97Adw=
last-modified: Mon, 04 May 2020 12:18:12 GMT
server: cloudflare
etag: W/"189f6ddd0a08dd184bfe6cd4082874bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8lfi4yfHGj%2BA5A8Iivl0G%2BQt6%2Fddu64ZV%2FkEonv6JxZwH8SrK2%2BUNdxh9RClOraVYxIXBJwPCu6VmgqSLbkqQdppV7%2BXS%2FUwWtCS4Hopze%2By%2BtVAxIkmgvsrxhLTMji8D%2FW5shEhXISw9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 69095e0edd724138-PRG

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 48ms
15ms Script
text/javascript 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 259878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 15 Sep 2022 08:46:15 GMT

GET
H3 200 ui.js Show response
ilstream.info/js/ 32 KB
11 KB 25ms
25ms Script
application/javascript 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/ui.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/ui.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
cf-polished: origSize=33025
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 14 Aug 2019 08:32:48 GMT
server: cloudflare
etag: W/"5d53c730-8101"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk%2F7LwT%2FWyXi7ut71svntmMad61Ak9roVoKKOfwTnA3OJlC%2FY5K3uWlUDfymR12OlRiMW5xtoaN%2FFsMNQNsrUPllcfbcFLld5Rhna4Ep6O5r4D32efJjZLTdx5Mthz9Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095e0e9a064114-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 60ms
25ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 828521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIcJmR%2Fjh0LfSq4HknMv6kDn4ReBu48Jdfo8b0Fj%2BqQb2PxFVt4nmzb864RIfM4jgGohIifPz%2B1BNNOxD7lNcTqHYte3uA0IG3ay9QCexV%2FTgWNKcMV29XBi0XwSJIB9S9dkoN%2Bk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69095e0ecb442794-PRG
expires: Thu, 08 Sep 2022 08:57:33 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 55ms
37ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617, 617, 617, 617, 617, 617, 617, 617
age: 41763
cdn-cachedat: 2021-08-02 15:29:35
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 018cb4e665195d2c3cff697d6812a833
cf-ray: 69095e0eb8edf9d2-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 f.js Show response
ilstream.info/js/ 10 KB
4 KB 36ms
35ms Script
application/javascript 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/f.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058a7472842e1ca6c12d9b7de2b4635142fbbac7207d20dd0492726f6adb2a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
cf-polished: origSize=13019
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Sep 2019 12:55:22 GMT
server: cloudflare
etag: W/"5d84cc3a-32db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2qCLEybrHBqn78UpisVmF1iDDDWxgUJ%2BuCeuCwjf0t3sgUi6H52iVXOmxVw0bzmY0qcQB0PfTna0CBCRnzPPBO7%2FuOm1d4Mzy9DzfqdStZTRTVSHPqefb7YazkcZPcA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095e0e9a0b4114-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 vss.js Show response
ilstream.info/js/ 6 KB
3 KB 22ms
21ms Script
application/javascript 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ilstream.info/js/vss.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/vss.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 165
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 31 Aug 2019 19:20:15 GMT
server: cloudflare
etag: W/"5d6ac86f-1651"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mamv4WCVLMHXO%2BVR4PaTwmi%2FjKTxj1mEYTo%2FsQjDP2UhwXZJ1A1NxfLL47on8Zes1Kdodb48MQrQKaSAXv6L4NcC1bNGxgzJ6pl5LOfz9Rh6BV0hb48kwTulwMp%2BVoa7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 69095e0e9a0c4114-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rufun.info.1178743.js Show response
jsc.adskeeper.com/r/u/ 2 KB
934 B 70ms
25ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e691825311d319d1006d0a8bc28127d3f2fb8d1fd24348a3fff0c9432afc4fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 227
cf-ray: 69095e0eeb5c2794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 742
x-amz-id-2: dEiwmxJ0IhuWLBQ1AjWRJJco9m09cRYI5aH1XHDangCvGm/4PYF/OquYGT1Xqd8HhkkN4D+e5KY=
last-modified: Wed, 08 Sep 2021 05:45:30 GMT
server: cloudflare
etag: "f4121002af057fb260bcd882bbcaeda1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: DMQGCT9T94GXAZVD
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:57:33 GMT

GET
H3 200 o.gif
ilstream.info/img/ 43 B
684 B 23ms
22ms Image
image/gif 104.21.46.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ilstream.info/img/o.gif

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.46.67 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /img/o.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ilstream.info
referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 271
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
last-modified: Wed, 14 Aug 2019 08:32:47 GMT
server: cloudflare
etag: "5d53c72f-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNMFv9ZnFYiewlyMDNpDSvr6OFAI4%2BhWABCPGGwIX%2FIW5pejQ2Mcl9uQ%2Fwzr3e2GgvUGqrrGCfCuR1i8acsPDg4Jvz78IKqRojQ0oXkUqz4nQom4PSzRryfYLflwWXpN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 69095e0e9a0d4114-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rufun.info.1178745.js Show response
jsc.adskeeper.com/r/u/ 2 KB
1 KB 65ms
19ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.js
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa72f2b960b4d2d368349c238463a5dcc3e804f813b7fae82b94ae3706eec5cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 227
cf-ray: 69095e0eeb5f2794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 742
x-amz-id-2: A9VuhvyGemIhLK/TldTDq44pVqY2NTKoAJnOGbTgcimL4UMVYFepbkOqlEBHovMD3/0IvPXFjNM=
last-modified: Wed, 08 Sep 2021 05:46:32 GMT
server: cloudflare
etag: "4d06e7afe5faea3604bfe8a033b53569"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: DMQHFJZCTMA8WZDZ
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:57:33 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/6fV2U8wgVLU/ 9 KB
10 KB 33ms
8ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6fV2U8wgVLU/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

e82f2631c70f95ca2d3bf77c4bc297be6ef137c222bd83edd0bd9b4952cf5ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:27:49 GMT
x-content-type-options: nosniff
age: 1784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9221
x-xss-protection: 0
server: sffe
etag: "1549448927"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:27:49 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/y8ZsHJcFTfs/ 20 KB
20 KB 72ms
47ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/y8ZsHJcFTfs/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

e03d66de0457bb93f80e7a9152f6a360e09d85511fa69c1a6b5a270789c09edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
x-content-type-options: nosniff
server: sffe
etag: "1528429338"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20611
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:57:33 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/xlgwOPNnmHw/ 9 KB
9 KB 41ms
16ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/xlgwOPNnmHw/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

1d6e388ad48519846741274d10d2662309fb82c2adc6b1ea391f9bee3aaf8ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:48:58 GMT
x-content-type-options: nosniff
age: 515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8772
x-xss-protection: 0
server: sffe
etag: "1630231120"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:48:58 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/zxYjTTXc-J8/ 26 KB
26 KB 34ms
9ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zxYjTTXc-J8/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

b8eb2bf2f39489b9b48af06dbc64ca88ca3c636abb94e23ae03393382cecd13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:53:12 GMT
x-content-type-options: nosniff
age: 261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26348
x-xss-protection: 0
server: sffe
etag: "1630441315"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:53:12 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/wT2tgslNkSY/ 12 KB
12 KB 42ms
17ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wT2tgslNkSY/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

7292eb9edd795d5a433f06c4aef2af9c336418460cedfa236e6a8352cf4c38bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:56:48 GMT
x-content-type-options: nosniff
age: 45
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12273
x-xss-protection: 0
server: sffe
etag: "1631622962"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:56:48 GMT

GET
H3 200 mqdefault.jpg
i.ytimg.com/vi/vWo_nK0OXxc/ 7 KB
7 KB 23ms
8ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vWo_nK0OXxc/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

7c39fd92933f7cb0661d25530b6b0d5903add1a013f1e06280944d3650ef82c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:54:28 GMT
x-content-type-options: nosniff
age: 185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6897
x-xss-protection: 0
server: sffe
etag: "1631698675"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 08:59:28 GMT

GET
H3 200 mqdefault.jpg
i.ytimg.com/vi/nO5-0w4py8g/ 19 KB
19 KB 23ms
8ms Image
image/jpeg 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nO5-0w4py8g/mqdefault.jpg

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

c5136612bacf8f9163d8d08f77628940d92f721da35e182842d6bd8fe9bea84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:57:17 GMT
x-content-type-options: nosniff
age: 3616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19687
x-xss-protection: 0
server: sffe
etag: "1631246443"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 09:57:17 GMT

GET
H3 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 42ms
22ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 133820
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 787bfde5dabdd2a95c04ea7c7171bf4f
accept-ranges: bytes
cf-ray: 69095e0eca7b411a-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Requested by

Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

eb0c369f8b2315b43d6f5c753d8ac7b1c384a1487896321aad3ebac069516d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hDqQHgAcij4tjZTONvVBJg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: E2Morom2BksZ0OUpwH0TVo9CdsEbZfV8edG1T9ahV4Mk5WAr2lAjgJT/fAm86DOcmvJJVsxqpv626nNORrHoNA==
x-fb-trip-id: 2050670934
x-fb-content-md5: 2f48e765903cac65d48bac8630fea69f
x-frame-options: DENY
date: Sat, 18 Sep 2021 08:57:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "899821adbdffe8854e8671e6b608edaf"
timing-allow-origin: *
expires: Sat, 18 Sep 2021 09:12:47 GMT

POST
H2 200 / Show response
m.uttclimber.com/ Frame 6F71 97 KB
55 KB 129ms
51ms XHR
text/plain 185.156.202.210
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.210 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: fe223f59e5627f875e9650f0a1f015d47097d7970809e21fae82dd00df561b87

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
x-cache-date: Sat, 18 Sep 2021 08:56:30 GMT
x-cache: STALE
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 65ms
29ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: ilstream.info
URL: https://ilstream.info/js/vss.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Sat, 18 Sep 2021 08:57:33 GMT

GET
H2 200 js-cookie-muidn Show response
c.mgid.com/ 65 B
822 B 133ms
72ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/js-cookie-muidn
Requested by: Host: cdn.siteswithcontent.com
URL: https://cdn.siteswithcontent.com/js/push/subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05113649e84b6ff5771ebf9b554b2f8d606c5be8052bf1c6c4a22b49725bb992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 852b5ffa-0384-437b-938f-9d70f20c7cc5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e10293ff9d6-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 rufun.info.1178745.es6.js Show response
jsc.adskeeper.com/r/u/ 225 KB
65 KB 61ms
42ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b03a276b2da8a5e427be32efc4e3f91143080c21ca7823b96e1e42cff01e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5848
cf-ray: 69095e0fef604125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65882
x-amz-id-2: ST3PNmce0MFzj4/8qqgbhrG4gwZObPxJ8vh0/FyxGNDO9JluiKr2Ze/6sEdt9yAvq8TOJLWuquE=
last-modified: Wed, 08 Sep 2021 05:46:32 GMT
server: cloudflare
etag: "37f1ac2b0e559cfa6ead3d78b9b720d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0A4SF4J6H41C0F8R
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:57:33 GMT

GET
H3 200 rufun.info.1178743.es6.js Show response
jsc.adskeeper.com/r/u/ 225 KB
65 KB 44ms
25ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc5826348d69567babd3982a7f4e222e0f351e04697f7db76db98c1eb799cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5848
cf-ray: 69095e0fef624125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 65897
x-amz-id-2: 5gb7woEMS1oU4tqGHWslSI3Uvw7gKk7xERtw4H43pwaSnqTZtiKaHHy2/e2yebouiyG3Ux/9arA=
last-modified: Wed, 08 Sep 2021 05:45:30 GMT
server: cloudflare
etag: "8cbe4dbc10446e462bc537c203248f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 0A4XYTJ19XS8HKPQ
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Sep 2021 12:57:33 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/de_DE/ 228 KB
67 KB 15ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=e373c3a7b6964c75cd260960a3900947

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

f4280d9998706a70f7fdd274c2d98aa0de09d1db42405fe0a503f002830231b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BQwVzMR2QZnkwR3MwdIVEQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68471
x-fb-rlafr: 0
x-fb-debug: sbRKh805aA9nTNcxYbqaCtpMdd9ZIODiBe2PYD3CRjTEsx3NTBFUgtABCto153w10Hh7fgxBwxx2msD9UUFuig==
x-fb-content-md5: fc547d70721d186b47eb9ae671d6dfff
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 18 Sep 2021 08:57:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5a302c8a1d5d9d85674e480fc1add49d"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Sep 2022 08:50:52 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/ 135 KB
44 KB 21ms
7ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 18 Sep 2022 08:16:25 GMT

GET
H2 200 AWTYMwXkF9E Show response
www.youtube-nocookie.com/embed/ Frame DB5A 55 KB
24 KB 66ms
65ms Document
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

9380db06efa10536a95bba1e9f8b7df70339b871021cc3ef796945f5be9c3880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ilstream.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Sep 2021 08:57:33 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"}]}
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
m.uttclimber.com/ Frame 9250 93 B
439 B 41ms
41ms XHR
text/plain 185.156.202.210
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.210 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 9733e858008006b7e46a95acfc298981e1a5d90fdd34a0ed4a6aa0f666626d5c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 93

GET
H3 200 www-player-webp.css
www.youtube-nocookie.com/s/player/d7a19ed1/ Frame DB5A 329 KB
45 KB 9ms
9ms Stylesheet
text/css 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46352
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:43:09 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame DB5A 201 KB
66 KB 14ms
13ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67291
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:40:11 GMT

GET
H3 200 base.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame DB5A 2 MB
505 KB 7ms
6ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516948
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:40:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame DB5A 8 KB
3 KB 13ms
12ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:40:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB5A 15 KB
15 KB 48ms
13ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 392360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:58:13 GMT

GET
H2 200 comments.php
web.facebook.com/v3.2/plugins/ Frame D1BE 0
0 76ms
40ms Document
text/html 31.13.92.10
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfffc9f71e42eb8%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2bd5cf048a19%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=e373c3a7b6964c75cd260960a3900947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.10 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-01-frt3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: web.facebook.com
:scheme: https
:path: /v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfffc9f71e42eb8%26domain%3Dilstream.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Filstream.info%252Ff2bd5cf048a19%26relation%3Dparent.parent&color_scheme=light&container_width=956&height=100&href=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ilstream.info/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: ITMLSl296TgLIiMsNH8J1ta1GxXE/n9MGeefmtn12sC1ZzmUx4etcWk3w1O7g2V7ftPYS/atCpFgbFmb0WEC+A==
content-length: 0
date: Sat, 18 Sep 2021 08:57:33 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 push-event-counter
c.siteswithcontent.com/ 43 B
482 B 389ms
123ms Image
image/gif 64.58.116.134
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.siteswithcontent.com/push-event-counter?permission=default&domain=ilstream.info
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.134 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
x-mg-request-uuid: ada09943-acf1-49cf-a1b0-484b868970b8
access-control-allow-methods: POST, OPTIONS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ilstream.info
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: *
server: nginx

GET
H2 200 3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js Show response
www.google.com/js/th/ Frame DB5A 34 KB
13 KB 28ms
6ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3kAHTdcT5fG0Js-DZv11sXxKdgJzwYcAKGwQ7tsGiFU.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 14:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13157
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 14:42:24 GMT

GET
H3 200 embed.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame DB5A 24 KB
7 KB 8ms
7ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 119663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:43:10 GMT

POST
H3 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame DB5A 67 KB
22 KB 89ms
88ms XHR
application/json 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

68efeceb8392be2f1278a76b4874deff83a26946a7a3920664515bc8d640b865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgsyTUxZMHd2LU1zYyj905aKBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22329
x-xss-protection: 0

GET
H3 200 js-cookie-muidn Show response
c.mgid.com/ Frame 9250 65 B
499 B 139ms
123ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/js-cookie-muidn
Requested by: Host: ilstream.info
URL: https://ilstream.info/white/pavel-ir-ov/eoqKuoGvjpynb3o.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05113649e84b6ff5771ebf9b554b2f8d606c5be8052bf1c6c4a22b49725bb992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: d3d12866-52d3-49c6-8fa2-cffb8e760c10
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e126a6af9ce-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
DATA 200
OK truncated
/ Frame DB5A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DB5A 2 KB
3 KB 90ms
14ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 07:15:23 GMT
x-content-type-options: nosniff
age: 6130
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
server: fife
etag: "v115"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Sep 2021 07:03:53 GMT

GET
DATA 200
OK truncated
/ Frame DB5A 356 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c64b0de0962926c3545e374f17fe916a24fa3ab6dab9a6c758838b75641e568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB5A 10 KB
10 KB 41ms
17ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:14:50 GMT
x-content-type-options: nosniff
age: 409363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 15:14:50 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame DB5A 0
9 B 7ms
6ms Image
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?GpWtsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube-nocookie.com/api/stats/ Frame DB5A 0
17 B 16ms
16ms Ping
text/html 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?event=streamingstats&fmt=133&afmt=251&cpn=TyqFP4_s7MiUPIeZ&ei=_alFYcvnMZWegAet84P4Dw&el=embedded&docid=AWTYMwXkF9E&ns=yt&fexp=23748146%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24077924%2C24080738%2C24082661%2C24084121%2C24096481&cl=397162147&seq=1&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.166:B,0.166:B&cmt=0.009:0.000,0.166:0.000&ctmp=cc:t.159;useVodTrack&afs=0.166:251::i&vfs=0.166:133:133::o&view=0.166:956:538&bwe=0.166:130000&bat=0.166:1:1&vis=0.166:0&bh=0.166:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 65 KB
66 KB 102ms
43ms XHR
video/mp4 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1631977053&ei=_alFYcvnMZWegAet84P4Dw&ip=216.131.114.72&id=o-ADDWn5_JLPTO_i_8qUJ2oDIRJmLX_vEsQTKc_Ec790eu&itag=133&aitags=133%2C160%2C242%2C278&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=153750&vprv=1&mime=video%2Fmp4&ns=EIIyjjJ-WHAvNMzE6y-xOgcG&gir=yes&clen=4057659&otfp=1&dur=149.480&lmt=1604777841197684&mt=1631954944&fvip=5&keepalive=yes&fexp=24001373%2C24007246&beids=23886212&c=WEB_EMBEDDED_PLAYER&txp=6216222&n=pkM4AB9ORA8ojg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKCbWjMVZDW2nDEGxW0kZXv5q9GzNVrzxuduM8MX7i47AiEAtKQNT8MuYgPxFkBHtRoegwlAJSLDVAKyDzGgRvx8e-Y%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPdME54JE9njiw6S1E0soEhGZyWcHiw4ycmH5NmKABt0AiEAoWWlTndkAQVL7iWbAo0sN8JeLUfxBxi5t4trKzXhFX8%3D&alr=yes&cpn=TyqFP4_s7MiUPIeZ&cver=1.20210915.1.2&range=0-66656&rn=1&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

4ca7b6283bd174a943d3fbf538df9d916e02d73646add68894d2f61b4623892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 08:57:34 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66657
Last-Modified: Sat, 07 Nov 2020 19:37:21 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 65 KB
66 KB 108ms
36ms XHR
audio/webm 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1631977053&ei=_alFYcvnMZWegAet84P4Dw&ip=216.131.114.72&id=o-ADDWn5_JLPTO_i_8qUJ2oDIRJmLX_vEsQTKc_Ec790eu&itag=251&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=153750&vprv=1&mime=audio%2Fwebm&ns=EIIyjjJ-WHAvNMzE6y-xOgcG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&mt=1631954944&fvip=5&keepalive=yes&fexp=24001373%2C24007246&beids=23886212&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=pkM4AB9ORA8ojg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPt2rHOcS_5n-l2l0hb8LX3qASrxxJQZTOCnEnJrxHUNAiBpuN0QlCgbi0zZzctyqVNIdbx1AuiDauEV2sY9Vl4KJA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPdME54JE9njiw6S1E0soEhGZyWcHiw4ycmH5NmKABt0AiEAoWWlTndkAQVL7iWbAo0sN8JeLUfxBxi5t4trKzXhFX8%3D&alr=yes&cpn=TyqFP4_s7MiUPIeZ&cver=1.20210915.1.2&range=0-66053&rn=2&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

c535531235b9cb6a3d4e684904a348aa30319f985c3f2a2529c26a2eb4eec6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 18 Sep 2021 08:57:34 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66054
Last-Modified: Sat, 07 Nov 2020 19:37:16 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H3 200 remote.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame DB5A 95 KB
29 KB 7ms
7ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29920
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 12:20:09 GMT

GET
H3 200 captions.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame DB5A 63 KB
24 KB 8ms
8ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 01:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24378
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 01:07:05 GMT

GET
H3 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame DB5A 26 KB
7 KB 9ms
8ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

sffe /

Resource Hash

b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 00:06:23 GMT

POST
H3 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame DB5A 5 KB
1 KB 147ms
145ms XHR
application/json 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

90f1f45d771dfef8c69431ba04b4769be131e5827d6e300209ed63a3ce16eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Goog-Visitor-Id: CgsyTUxZMHd2LU1zYyj905aKBg%3D%3D
Content-Type: application/json

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1309
x-xss-protection: 0

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/AWTYMwXkF9E/ Frame DB5A 13 KB
13 KB 8ms
8ms Image
image/webp 142.250.181.246
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/AWTYMwXkF9E/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.246 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f22.1e100.net

Software

sffe /

Resource Hash

fdae48ba51745b7da714401b6acf73fecd4158fb9b9db199254489773bc5413a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:37:26 GMT
x-content-type-options: nosniff
age: 1207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12910
x-xss-protection: 0
server: sffe
etag: "1604777999"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 Sep 2021 10:37:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DB5A 4 KB
3 KB 36ms
15ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
307 B 82ms
67ms Script
text/plain 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&src_id=ilstream.info&cbuster=1631955454000966465062&uniqId=149eb&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145a9fe-15a45&pageView=1&pvid=17bf8200831b73953d5&site=733294&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e13aac22794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/92/ Frame DB5A 52 KB
15 KB 35ms
14ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/92/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 06:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15330
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 15:08:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 19 Sep 2021 06:39:58 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 64 KB
64 KB 15ms
7ms XHR
video/mp4 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

2a244cfcd7d67dd422fba41c17c4252a001190606e1efb773f1051a5043bc289

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 64 KB
64 KB 7ms
7ms XHR
audio/webm 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1631977053&ei=_alFYcvnMZWegAet84P4Dw&ip=216.131.114.72&id=o-ADDWn5_JLPTO_i_8qUJ2oDIRJmLX_vEsQTKc_Ec790eu&itag=251&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=153750&vprv=1&mime=audio%2Fwebm&ns=EIIyjjJ-WHAvNMzE6y-xOgcG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&mt=1631954944&fvip=5&keepalive=yes&fexp=24001373%2C24007246&beids=23886212&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=pkM4AB9ORA8ojg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPt2rHOcS_5n-l2l0hb8LX3qASrxxJQZTOCnEnJrxHUNAiBpuN0QlCgbi0zZzctyqVNIdbx1AuiDauEV2sY9Vl4KJA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPdME54JE9njiw6S1E0soEhGZyWcHiw4ycmH5NmKABt0AiEAoWWlTndkAQVL7iWbAo0sN8JeLUfxBxi5t4trKzXhFX8%3D&alr=yes&cpn=TyqFP4_s7MiUPIeZ&cver=1.20210915.1.2&range=66054-131789&rn=4&rbuf=3857

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

82902f5fe07b60c443b2b07f173220da1931c1e75d18034f80254a0bd7cb5ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65736
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 132 KB
132 KB 7ms
6ms XHR
video/mp4 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

fa0f0f56ef0b662ea960d16bb45137434feffbbbc2ed9fbe28351379546bc80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134693
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 129 KB
129 KB 7ms
6ms XHR
audio/webm 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6ns7.googlevideo.com/videoplayback?expire=1631977053&ei=_alFYcvnMZWegAet84P4Dw&ip=216.131.114.72&id=o-ADDWn5_JLPTO_i_8qUJ2oDIRJmLX_vEsQTKc_Ec790eu&itag=251&source=youtube&requiressl=yes&mh=x_&mm=31%2C26&mn=sn-4g5e6ns7%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=5&pl=24&initcwndbps=153750&vprv=1&mime=audio%2Fwebm&ns=EIIyjjJ-WHAvNMzE6y-xOgcG&gir=yes&clen=2468925&otfp=1&dur=149.501&lmt=1604777836441783&mt=1631954944&fvip=5&keepalive=yes&fexp=24001373%2C24007246&beids=23886212&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=pkM4AB9ORA8ojg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPt2rHOcS_5n-l2l0hb8LX3qASrxxJQZTOCnEnJrxHUNAiBpuN0QlCgbi0zZzctyqVNIdbx1AuiDauEV2sY9Vl4KJA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPdME54JE9njiw6S1E0soEhGZyWcHiw4ycmH5NmKABt0AiEAoWWlTndkAQVL7iWbAo0sN8JeLUfxBxi5t4trKzXhFX8%3D&alr=yes&cpn=TyqFP4_s7MiUPIeZ&cver=1.20210915.1.2&range=131790-263462&rn=6&rbuf=7726

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

5e5c38899d5895fd96e9bf2a6cf3ca7ec3c5c5c170f0a28887f103d03374f918

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131673
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6ns7.googlevideo.com/ Frame DB5A 269 KB
269 KB 7ms
7ms XHR
video/mp4 173.194.182.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.182.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s30-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

9ef4cba1cd828a53c7852ffbf7c6bfb2c9bb0f761e43c7e1b36247399831c916

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275427
client-protocol: quic
last-modified: Sat, 07 Nov 2020 19:37:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube-nocookie.com
x-content-type-options: nosniff
expires: Sat, 18 Sep 2021 08:57:34 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1178745/ 2 KB
1 KB 84ms
68ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1178745/1?pv=5&src_id=ilstream.info&cbuster=1631955454279559519890&uniqId=149eb&niet=4g&nisd=false&jsv=es6&w=493&h=730&cols=1&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145a9fe-15a45&pageView=1&pvid=17bf8200831b73953d5&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c6e3025718e00fcea78f2e1455c8e163ef79c10d329d4dfb1052bb15bc1f6b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e156cf72794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.com/1178743/ 5 KB
2 KB 83ms
70ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1178743/1?w=956&h=525&cols=3&pv=5&src_id=ilstream.info&cbuster=1631955454280363020029&uniqId=06624&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&lu=https%3A%2F%2Filstream.info%2Fwhite%2Fpavel-ir-ov%2FeoqKuoGvjpynb3o.html&sessionId=6145a9fe-15a45&pageView=0&pvid=17bf8200831b73953d5&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178743.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62084ee895ec6c30bab9d6e03ce0c03db648b2b0112ba34c8c9102241c7b344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e156cf62794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.adskeeper.com/g/8164868/492x328/0x183x565x376/ 21 KB
22 KB 68ms
21ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164868/492x328/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1631955454-zevWyQ1wkU1sjHUBqkKnyswtS5uClRuMoVpffzIe2G8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e492ce66701389be1427ccf0c669df569ea89a86db96f09319d656dad10d7e7

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:24:16 GMT
x-mg-request-uuid: 39214fe6-a541-437c-be7a-a94bac13b4a9
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e16382d2780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21824
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 70ms
23ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631955454-v9EDc3kpSYU242DVIBBh7jeWXQThZ4LX4SW-610SRQk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:33:59 GMT
x-mg-request-uuid: 961b1108-f54b-4945-84d8-5e3cafe87f0d
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e1638302780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.adskeeper.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 319ms
276ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1631955454-qNXc1EZyt0J7svL6h4elNFBoqrWzXllxpnMuI8xMIU4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:42:46 GMT
x-mg-request-uuid: 56bd9719-d06b-4567-9087-8b46e44354bc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e1638362780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12780
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.adskeeper.com/g/8193502/492x328/0x299x1080x720/ 18 KB
19 KB 457ms
413ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193502/492x328/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1631955454-oNglh0POFT9aXKLrzUmv4qig7mRETKFe7Q_lvXt7EcI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f33bb4e2acd2db79c3e8288db0eb912f5bbd7b266be30129723f37766fb5ff6

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:02:37 GMT
x-mg-request-uuid: 1430843a-6591-4f48-a5d4-4e375889d6f9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e1638332780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18914
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.adskeeper.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 454ms
411ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1631955454-JSLFH8U7e1NXGzzZUtwq_yEC2ODoQq1gCZB_1oJqiDs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:52:22 GMT
x-mg-request-uuid: 495af5d4-d7e3-4cac-a338-d07df84de817
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e1638342780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14996
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.adskeeper.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 314ms
271ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1631955454-LhML4brQP5N6hfkxv2SpCeQ8iAWHYqsYrD-0ykOasFE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63c2e07501d472fb7b360f00b8eae5dc9908378b75f54a1169916801e09cf45

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:44:01 GMT
x-mg-request-uuid: f5d6c648-59d2-4230-937f-70489c8b4381
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e1638312780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12446
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2U2MGYyYTJiM2ExNTQ2NDhjMjhkNjM5MDgzNTNhYzFjLmpwZWc.webp
s-img.adskeeper.com/g/8193496/492x328/0x0x720x480/ 13 KB
13 KB 319ms
278ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8193496/492x328/0x0x720x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2U2MGYyYTJiM2ExNTQ2NDhjMjhkNjM5MDgzNTNhYzFjLmpwZWc.webp?v=1631955454-H4sAeXY8lZH5LBYo9LUrjpjoVEqvak0FrkQaW835bxE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1a3eb086f19661c31348ffb3432d75984aaf2a0a3902b445cd3cab8d5ff8eb

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:49:04 GMT
x-mg-request-uuid: 88ea0895-fa79-46a1-b818-3d330d96a941
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e16282b2780-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13610
server: cloudflare

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
197 B 123ms
109ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1631955454406269642465
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 63424bbb-a21a-464c-bd70-4cc25855df99
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69095e162de52794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame D415 19 B
127 B 122ms
122ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1631955454424382721520
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:34 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 5c4d49db-8625-4159-9111-14c779840a36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 69095e162def2794-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp
s-img.adskeeper.com/g/8164868/492x328/0x183x565x376/ 21 KB
22 KB 49ms
30ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164868/492x328/0x183x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2Y0MmZhZmE0MzUyZGMwMmM4MDYzMTdmYzUzNTU1Yjc2LmpwZw.webp?v=1631955454-zevWyQ1wkU1sjHUBqkKnyswtS5uClRuMoVpffzIe2G8
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e492ce66701389be1427ccf0c669df569ea89a86db96f09319d656dad10d7e7

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:24:16 GMT
x-mg-request-uuid: 39214fe6-a541-437c-be7a-a94bac13b4a9
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e168efa277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21824
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 41ms
22ms Image
image/webp 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1631955454-v9EDc3kpSYU242DVIBBh7jeWXQThZ4LX4SW-610SRQk
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/r/u/rufun.info.1178745.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer: https://ilstream.info/
Origin: https://ilstream.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 08:57:34 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:33:59 GMT
x-mg-request-uuid: 961b1108-f54b-4945-84d8-5e3cafe87f0d
age: 165
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 69095e168efb277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 70ms
70ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=488|362|8|nkdWIrsmMPHCdBWQ4N8oomJtOmPy5VdToevhrC8wqBZjKwxMPWFLJ_S-iHjYC-0E&fw=1&extjs=66044&v=488|345|8|nkdWIrsmMPHCdBWQ4N8ool_CoCNXT2fz9-CTTG3Kbcop_ANhv7vrnpk767uXnumY&cid=1178745&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=76f37403-185e-11ec-8fab-2cea7f875b01&tt=Direct&psid=ilstream.info&iv=11&pageImp=1&pvid=17bf8200831b73953d5&muid=l8iy7J5xL5V1&cbuster=1631955455647225054755&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:35 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4dc662f7-8fb8-4efd-9102-90dfe56976b6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e1ddb644125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 67ms
67ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=309|243|40|TG-Fvlcf1uBTfr1Cl45R5F_CoCNXT2fz9-CTTG3KbcpFi6G4IxpcIhTZsxz3FWSL&fw=1&extjs=66044&cid=1178743&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=0&pvid=17bf8200831b73953d5&muid=l8iy7J5xL5V1&cbuster=163195545574774026739&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:35 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 80f6984e-895d-4f61-a3db-0a20a4fc959c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e1e7c614125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

POST
H3 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame DB5A 28 B
50 B 20ms
20ms XHR
application/json 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/AWTYMwXkF9E?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Filstream.info&widgetid=1
X-YouTube-Client-Version: 1.20210915.1.2
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsyTUxZMHd2LU1zYyj905aKBg%3D%3D
X-YouTube-Ad-Signals: dt=1631955453628&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C956%2C538&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 18 Sep 2021 08:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 70ms
70ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=3&v=309|243|8|TG-Fvlcf1uBTfr1Cl45R5NQC6VbM_FdjTq1CeAv4mKEuLxPfg-MTxYnj9JrtKXrK&extjs=66044&v=309|243|40|TG-Fvlcf1uBTfr1Cl45R5CIf_cKFORIM5TEgV3ry05_UPncSV0WzhxdQSx28JVuK&v=309|243|8|TG-Fvlcf1uBTfr1Cl45R5I43lJs2Q_pjQAtby5ubFMYuU2bsK5q04Um-iLxGd6sW&cid=1178743&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=0&pvid=17bf8200831b73953d5&muid=l8iy7J5xL5V1&cbuster=163195545584783659678&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:35 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: eea4fd11-716c-4c36-8152-ea373719618b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e1f1d3d4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.adskeeper.com/ 43 B
441 B 72ms
71ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?pv=3&v=309|243|8|TG-Fvlcf1uBTfr1Cl45R5GSLU_fyDef2plIdLp-Fy0qFKDK-rSYaolvO8Eiuk9O8&extjs=66044&v=309|243|8|TG-Fvlcf1uBTfr1Cl45R5CBTe88ScYki9dheDPlC2lLfCn7XdhGEqbppIRrjloqY&cid=1178743&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=76f3f8a6-185e-11ec-9d9d-d0946675f626&tt=Direct&psid=ilstream.info&iv=11&pageImp=0&pvid=17bf8200831b73953d5&muid=l8iy7J5xL5V1&cbuster=1631955455950212234878&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ilstream.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 08:57:36 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 30067d32-2959-47e0-a2d7-8f642246eeab
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 69095e1fbdfd4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ilstream.info/	1970-01-20 21:19:15	Name: watched Value: %5B%22AWTYMwXkF9E%22%5D
ilstream.info/	1970-01-20 21:19:15	Name: wn Value: AWTYMwXkF9E
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eS_fgc8PHik
.youtube.com/	1970-01-20 01:38:27	Name: VISITOR_INFO1_LIVE Value: WyP3kgkiOP4
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8ixV2Pwg0V1
.mgid.com/	1970-01-19 21:19:17	Name: __cf_bm Value: r1P0eB_2ZUsrHA9Mys7t7nrPPB_AMSJjqmOCfnX.II4-1631955453-0-ASqtHrcZmklclZNYPDNYok/+YOELKVIIXSBJkoQtRzJ9EZNrE7cIqGf9UPAhPMGIdFK4fMlfos9il7Dd6Wcxqlg=
ilstream.info/	1970-01-25 07:39:25	Name: szm_log_id68 Value: K1AJQk8JEQkeSRgZGEocHBxPTxIfHhgZCVaL
ilstream.info/	1970-01-31 11:05:55	Name: muidn Value: l8ixV2Pwg0V1
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: l8iy7J5xL5V1
c.siteswithcontent.com/	1970-01-25 20:31:23	Name: muidn Value: l8iy7ZgaLAV1
servicer.adskeeper.com/	1970-01-19 21:19:16	Name: __mglb Value: b77c90ace61932b85ead847cc0fcb78b
ilstream.info/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%7D%2C%22C1178745%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631955454376%7D%2C%22C1178743%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631955454380%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://web.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.adskeeper.com
c.mgid.com
c.siteswithcontent.com
cdn.siteswithcontent.com
cdnjs.cloudflare.com
cm.adskeeper.com
connect.facebook.net
fonts.gstatic.com
i.ytimg.com
ilstream.info
jsc.adskeeper.com
m.uttclimber.com
maxcdn.bootstrapcdn.com
r5---sn-4g5e6ns7.googlevideo.com
s-img.adskeeper.com
servicer.adskeeper.com
stackpath.bootstrapcdn.com
web.facebook.com
www.google.com
www.gstatic.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
104.16.18.94
104.18.10.207
104.18.11.207
104.18.16.65
104.19.134.78
104.21.46.67
104.21.69.41
142.250.181.225
142.250.181.238
142.250.181.246
142.250.184.234
142.250.185.100
142.250.186.99
142.250.74.195
173.194.182.74
185.156.202.210
31.13.92.10
31.13.92.14
64.58.116.134
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
05113649e84b6ff5771ebf9b554b2f8d606c5be8052bf1c6c4a22b49725bb992
058a7472842e1ca6c12d9b7de2b4635142fbbac7207d20dd0492726f6adb2a8b
1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059
15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b
16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae
1d6e388ad48519846741274d10d2662309fb82c2adc6b1ea391f9bee3aaf8ed3
2a244cfcd7d67dd422fba41c17c4252a001190606e1efb773f1051a5043bc289
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e1a3eb086f19661c31348ffb3432d75984aaf2a0a3902b445cd3cab8d5ff8eb
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
3ad01e3bb6314005136e71b9414ac0da20dc2db3a8713b09b2339374b9fb278d
3bc5826348d69567babd3982a7f4e222e0f351e04697f7db76db98c1eb799cdf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
4c64b0de0962926c3545e374f17fe916a24fa3ab6dab9a6c758838b75641e568
4ca7b6283bd174a943d3fbf538df9d916e02d73646add68894d2f61b4623892d
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
56b03a276b2da8a5e427be32efc4e3f91143080c21ca7823b96e1e42cff01e41
5e492ce66701389be1427ccf0c669df569ea89a86db96f09319d656dad10d7e7
5e5c38899d5895fd96e9bf2a6cf3ca7ec3c5c5c170f0a28887f103d03374f918
62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd
676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68efeceb8392be2f1278a76b4874deff83a26946a7a3920664515bc8d640b865
7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c
7292eb9edd795d5a433f06c4aef2af9c336418460cedfa236e6a8352cf4c38bb
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c39fd92933f7cb0661d25530b6b0d5903add1a013f1e06280944d3650ef82c9
82902f5fe07b60c443b2b07f173220da1931c1e75d18034f80254a0bd7cb5ad4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8c6e3025718e00fcea78f2e1455c8e163ef79c10d329d4dfb1052bb15bc1f6b9
8f33bb4e2acd2db79c3e8288db0eb912f5bbd7b266be30129723f37766fb5ff6
9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b
90f1f45d771dfef8c69431ba04b4769be131e5827d6e300209ed63a3ce16eb10
9380db06efa10536a95bba1e9f8b7df70339b871021cc3ef796945f5be9c3880
9733e858008006b7e46a95acfc298981e1a5d90fdd34a0ed4a6aa0f666626d5c
9ef4cba1cd828a53c7852ffbf7c6bfb2c9bb0f761e43c7e1b36247399831c916
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
a63c2e07501d472fb7b360f00b8eae5dc9908378b75f54a1169916801e09cf45
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa72f2b960b4d2d368349c238463a5dcc3e804f813b7fae82b94ae3706eec5cf
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
b8eb2bf2f39489b9b48af06dbc64ca88ca3c636abb94e23ae03393382cecd13d
c5136612bacf8f9163d8d08f77628940d92f721da35e182842d6bd8fe9bea84e
c535531235b9cb6a3d4e684904a348aa30319f985c3f2a2529c26a2eb4eec6fb
c62084ee895ec6c30bab9d6e03ce0c03db648b2b0112ba34c8c9102241c7b344
d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de40074dd713e5f1b426cf8366fd75b17c4a760273c18700286c10eedb068855
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e03d66de0457bb93f80e7a9152f6a360e09d85511fa69c1a6b5a270789c09edd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e691825311d319d1006d0a8bc28127d3f2fb8d1fd24348a3fff0c9432afc4fc2
e82f2631c70f95ca2d3bf77c4bc297be6ef137c222bd83edd0bd9b4952cf5ecb
eb0c369f8b2315b43d6f5c753d8ac7b1c384a1487896321aad3ebac069516d5a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f4280d9998706a70f7fdd274c2d98aa0de09d1db42405fe0a503f002830231b5
f848cee8b7545f1f85e0cc3971853d2d66fe7125d5a3ef6174000a283b10cde3
fa0f0f56ef0b662ea960d16bb45137434feffbbbc2ed9fbe28351379546bc80d
fdae48ba51745b7da714401b6acf73fecd4158fb9b9db199254489773bc5413a
fe223f59e5627f875e9650f0a1f015d47097d7970809e21fae82dd00df561b87
fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

ilstream.info Open in urlscan Pro 104.21.46.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

100 %HTTPS

0 %IPv6

17 Domains

24 Subdomains

20 IPs

4 Countries

2352 kBTransfer

5237 kBSize

12 Cookies

8 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ilstream.info Open in urlscan Pro
104.21.46.67 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

20
IPs

4
Countries

2352 kB
Transfer

5237 kB
Size

12
Cookies

80 HTTP transactions
2 data transactions