urlscan.io logo urlscan.io
SecurityTrails logo

imgviu.com Open in urlscan Pro
172.67.213.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Effective URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Submission: On October 30 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 32 domains to perform 89 HTTP transactions. The main IP is 172.67.213.117, located in United States and belongs to CLOUDFLARENET, US. The main domain is imgviu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 5th 2021. Valid for: a year.
This is the only time imgviu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 176.123.6.189 200019 (ALEXHOST)
6 172.67.213.117 13335 (CLOUDFLAR...)
2 13.225.84.222 16509 (AMAZON-02)
3 109.206.162.83 50245 (SERVEREL-AS)
2 13.225.87.52 16509 (AMAZON-02)
1 157.240.20.35 32934 (FACEBOOK)
2 142.250.185.77 15169 (GOOGLE)
1 185.59.220.17 60068 (CDN77 ^_^)
10 213.174.135.25 39572 (ADVANCEDH...)
1 172.67.218.221 13335 (CLOUDFLAR...)
4 213.174.135.24 39572 (ADVANCEDH...)
6 104.17.167.186 13335 (CLOUDFLAR...)
2 213.133.127.134 24940 (HETZNER-AS)
4 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
1 1 162.55.139.130 24940 (HETZNER-AS)
1 1 109.206.163.64 50245 (SERVEREL-AS)
3 104.21.34.6 13335 (CLOUDFLAR...)
1 143.204.215.103 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 109.206.161.77 50245 (SERVEREL-AS)
1 208.95.113.2 53334 (TUT-AS)
2 142.250.186.36 15169 (GOOGLE)
16 142.250.184.206 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
1 2 142.250.186.98 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
8 173.194.150.233 15169 (GOOGLE)
89 30
1    176.123.6.189 (Chisinau, Moldova)

ASN200019 (ALEXHOST, MD)
PTR: runawaystonework.us
imgview.net
6    172.67.213.117 (United States)

ASN13335 (CLOUDFLARENET, US)
imgviu.com
2    13.225.84.222 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-222.fra2.r.cloudfront.net
d1ev866ubw90c6.cloudfront.net
3    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
dendranthe4edm7um.com
ilusors.com
2    13.225.87.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-52.fra2.r.cloudfront.net
virlyrelatione.xyz
1    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
2    142.250.185.77 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f13.1e100.net
accounts.google.com
1    185.59.220.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-10.cdn77.com
www.antiadblocksystems.com
10    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
d28a863f16.a6dbb52634.com
js.cabnnr.com
tn.voyeurhit.com
tn.hclips.com
tn.tubepornclassic.com
12007250.pix-cdn.org
1    172.67.218.221 (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
4    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpadmngr.com
tn.hdzog.com
tn.txxx.tube
6    104.17.167.186 (United States)

ASN13335 (CLOUDFLARENET, US)
c.adsco.re
6.adsco.re
2    213.133.127.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213-133-127-134.clients.your-server.de
wpunativesh.com
4    162.252.214.5 (United States)

ASN53334 (TUT-AS, US)
4.adsco.re
adsco.re
1    185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com
yivxfcvgluhf.l4.adsco.re
1    38.132.109.186 (New York, United States)

ASN9009 (M247, GB)
yivxfcvgluhf.n4.adsco.re
1    185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com
yivxfcvgluhf.s4.adsco.re
1    162.55.139.130 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.130.139.55.162.clients.your-server.de
rtbbnr.com
1    109.206.163.64 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.163.64.serverel.net
tb.baimgfroggd.site
3    104.21.34.6 (United States)

ASN13335 (CLOUDFLARENET, US)
stream.vast.wtf
1    143.204.215.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-103.fra53.r.cloudfront.net
pleastindustress.xyz
1    104.16.88.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    109.206.161.77 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.77.serverel.net
vs.videonet.online
1    208.95.113.2 (United States)

ASN53334 (TUT-AS, US)
antiadblocksystems.com
2    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
16    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
www.youtube.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
static.doubleclick.net
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
yt3.ggpht.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
8    173.194.150.233 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s03-in-f9.1e100.net
r3---sn-2gb7sn7s.googlevideo.com
Apex Domain
Subdomains		 Transfer
16 youtube.com
www.youtube.com
730 KB
13 adsco.re
c.adsco.re
6.adsco.re
4.adsco.re
adsco.re
yivxfcvgluhf.l4.adsco.re
yivxfcvgluhf.n4.adsco.re
yivxfcvgluhf.s4.adsco.re
71 KB
8 googlevideo.com
r3---sn-2gb7sn7s.googlevideo.com
630 KB
6 imgviu.com
imgviu.com
81 KB
4 google.com
accounts.google.com
www.google.com
14 KB
3 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 vast.wtf
stream.vast.wtf
8 KB
3 a6dbb52634.com
d28a863f16.a6dbb52634.com
37 KB
2 videonet.online
vs.videonet.online
457 B
2 hclips.com
tn.hclips.com
35 KB
2 hdzog.com
tn.hdzog.com
49 KB
2 voyeurhit.com
tn.voyeurhit.com
21 KB
2 wpunativesh.com
wpunativesh.com
3 KB
2 antiadblocksystems.com
www.antiadblocksystems.com
antiadblocksystems.com
10 KB
2 virlyrelatione.xyz
virlyrelatione.xyz
2 KB
2 dendranthe4edm7um.com
dendranthe4edm7um.com
29 KB
2 cloudfront.net
d1ev866ubw90c6.cloudfront.net
53 KB
1 ggpht.com
yt3.ggpht.com
5 KB
1 pix-cdn.org
12007250.pix-cdn.org
21 KB
1 jsdelivr.net
cdn.jsdelivr.net
21 KB
1 pleastindustress.xyz
pleastindustress.xyz
366 B
1 txxx.tube
tn.txxx.tube
22 KB
1 tubepornclassic.com
tn.tubepornclassic.com
13 KB
1 baimgfroggd.site
tb.baimgfroggd.site
602 B
1 rtbbnr.com
rtbbnr.com
295 B
1 cabnnr.com
js.cabnnr.com
16 KB
1 ilusors.com
ilusors.com
190 B
1 wpadmngr.com
js.wpadmngr.com
239 B
1 freychang.fun
freychang.fun
708 B
1 facebook.com
www.facebook.com
1 imgview.net
imgview.net
136 B
89 32
Domain Requested by
16 www.youtube.com www.google.com
www.youtube.com
8 r3---sn-2gb7sn7s.googlevideo.com www.youtube.com
6 imgviu.com imgviu.com
3 stream.vast.wtf js.cabnnr.com
cdn.jsdelivr.net
3 6.adsco.re imgviu.com
c.adsco.re
3 c.adsco.re www.antiadblocksystems.com
c.adsco.re
3 d28a863f16.a6dbb52634.com imgviu.com
d28a863f16.a6dbb52634.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com stream.vast.wtf
www.youtube.com
2 vs.videonet.online stream.vast.wtf
2 tn.hclips.com imgviu.com
2 tn.hdzog.com imgviu.com
2 tn.voyeurhit.com imgviu.com
2 adsco.re c.adsco.re
2 4.adsco.re imgviu.com
c.adsco.re
2 wpunativesh.com d28a863f16.a6dbb52634.com
2 accounts.google.com imgviu.com
2 virlyrelatione.xyz d1ev866ubw90c6.cloudfront.net
2 dendranthe4edm7um.com imgviu.com
dendranthe4edm7um.com
2 d1ev866ubw90c6.cloudfront.net imgviu.com
virlyrelatione.xyz
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 antiadblocksystems.com www.antiadblocksystems.com
1 12007250.pix-cdn.org stream.vast.wtf
1 cdn.jsdelivr.net stream.vast.wtf
1 pleastindustress.xyz imgviu.com
1 tn.txxx.tube imgviu.com
1 tn.tubepornclassic.com imgviu.com
1 tb.baimgfroggd.site 1 redirects
1 rtbbnr.com 1 redirects
1 yivxfcvgluhf.s4.adsco.re c.adsco.re
1 yivxfcvgluhf.n4.adsco.re c.adsco.re
1 yivxfcvgluhf.l4.adsco.re c.adsco.re
1 js.cabnnr.com d28a863f16.a6dbb52634.com
1 ilusors.com dendranthe4edm7um.com
1 js.wpadmngr.com d28a863f16.a6dbb52634.com
1 freychang.fun d1ev866ubw90c6.cloudfront.net
1 www.antiadblocksystems.com imgviu.com
1 www.facebook.com imgviu.com
1 imgview.net 1 redirects
89 42

This site contains links to these domains. Also see Links.

Domain
adsco.re
videovoyeurhit.com
videohdzog.com
videohclips.com
videotubepornclassic.com
videotxxx.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-05 -
2022-10-04		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
dendranthe4edm7um.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
virlyrelatione.xyz
Amazon		 2021-10-19 -
2022-11-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-08 -
2021-11-06		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
1431218181.rsc.cdn77.org
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
d28a863f16.a6dbb52634.com
R3		 2021-09-29 -
2021-12-28		 3 months crt.sh
js.wpadmngr.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
ilusors.com
R3		 2021-09-18 -
2021-12-17		 3 months crt.sh
js.cabnnr.com
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA		 2021-09-06 -
2022-09-28		 a year crt.sh
native.wpu.sh
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.l4.adsco.re
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
*.n4.adsco.re
R3		 2021-10-19 -
2022-01-17		 3 months crt.sh
*.s4.adsco.re
R3		 2021-10-19 -
2022-01-17		 3 months crt.sh
tn.voyeurhit.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
tn.hdzog.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
tn.hclips.com
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
tn.tubepornclassic.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
tn.txxx.tube
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
pleastindustress.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
vs.videonet.online
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
12007250.pix-cdn.org
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
antiadblocksystems.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-19 -
2022-07-22		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-10-19 -
2021-12-28		 2 months crt.sh

This page contains 6 frames:

Primary Page: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Frame ID: 442F7C1F0CD653EA64B6A34B3A759C9B
Requests: 43 HTTP requests in this frame

Frame: https://virlyrelatione.xyz/VUZYWnk0JDs3RjR7OnwMJyplf0sTY2ocHWQjLmJPYzM6LUBlJW50GjkpLT4fJyk2Llc7Iyx/SxMNDDEBBAkdEw0cPG0/HwEpNBQ4A3A9Egk6AgAMFh8vFgI1EXMgH0gYPxQiDnB0Gg46BCAbGCgwCDILFjcXMDEwPHZ9aDsNdWE1MgFzOjxKbDcVDA4yJWsySwECETIzZ3cXFCptfhUMOGQJMjVKHSw7LBoBdwAVOjYhCBwVOyAZKhUTKBIoHzgHCRQqNi8WHBpkFg82EBYFL2wYAg8ROUpgLwEYSC0CHzYQFgINNDA4HxUASmUJPAsJLAg2KhIQETxiHxFrHhM0PA8oEEhlIRIJLD4OABswMBEVChsdd24+KCU/AjMaYRIbYhA0ERJtI2Y+YAo/EDYTaBU8BRsPCxk8LAIYZzJ9aDsMACsrKRYLYQIuMX4bNxIbJBBvEA8HbSIdOAw0Hj4xfj4ZNw8MG2JcZwQXCEgiBRA2ExF0IGMcOxwWPA5zLCs1FyV7GzEJNBY2Lh8EAhw
Frame ID: DAA15417986F4CD1CA2529ABECB12C27
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: DF80ACC4C1F9F15DB65DA7CDAF0EE1E9
Requests: 5 HTTP requests in this frame

Frame: https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: A62F808A710A436CC3DB197634934776
Requests: 5 HTTP requests in this frame

Frame: https://stream.vast.wtf/files/youtube/vpaid.js
Frame ID: DD530B231B0C706577933864960A3022
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: 2159790C410D8E868DEF014F7F6AAA75
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

imgviu.com - Earn money by sharing images

Page URL History Show full URLs

  1. https://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html HTTP 302
    https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html Page URL
  2. https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php Page URL

Page Statistics

89
Requests

97 %
HTTPS

0 %
IPv6

32
Domains

42
Subdomains

30
IPs

6
Countries

1907 kB
Transfer

4525 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html HTTP 302
    https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html Page URL
  2. https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html HTTP 302
  • https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Request Chain 34
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTc5MzY0MTMyMCIsInNwb3RfaWQiOjk1NTB9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6Ijk1NTAiLCJwYWdlIjoiaHR0cHM6Ly9pbWd2aXUuY29tL0dxNnFEQWsybnpRY2VhYXpPRWZTSUFmeG1mN1RteHpRN1EucGhwIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjQyYTVmMjM1MDQwNmI1YjM0YWZlNDlmZjUxN2VjYjNiIn0sImV4dCI6eyJkdCI6MTYzNTYwNjQxMTMxMn19 HTTP 302
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=42a5f2350406b5b34afe49ff517ecb3b&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
  • https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Request Chain 62
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
AmourAngels-0002.jpg.html
imgviu.com/0ovl2x75bqwq/
Redirect Chain
  • https://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html
  • https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
cefadcb58831cb0fc7bd5988cd1ebeae5ca86c639a373849c6110502c5a6a2c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 30 Oct 2021 15:06:49 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self';
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anxLwtUVtE6fWTFOPj5t%2FoSqWaJSBPfzwm0GufPdnQvFS7pj9QFx4BVNc2PaGsJqctzGD3fKp9XXZ8gJlKiygd2tdbX6P2QoUl1zFRi%2BCmVdyM5p4tORiBCCE113"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a658cbbbd6359eb-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx
date
Sat, 30 Oct 2021 15:06:49 GMT
content-type
text/html
location
https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html
strict-transport-security
max-age=2592000; preload;
Primary Request Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
imgviu.com/ 		111 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Requested by
Host: imgviu.com
URL: https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
4656c2475b6b7e622d26f0e806cd45e57dce6f106dfeda52b026eef7edde386c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/0ovl2x75bqwq/AmourAngels-0002.jpg.html

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self';
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YazyCnwKAPrWkqeTwACwliYsKP8GouRTvvZpCFC%2FcEVbH1Xa2fcTpmlX0G0TvsTtJe45q6mGP55gApn0Xqm7lrX2VuvEUrq%2Btqo3wBAkTn2KQWibrU1piQKFjDif"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a658cbf3b1d59eb-IAD
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main2.css
imgviu.com/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/css/main2.css?13
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7cb2ee62a78575d473a08d19b0df8a0ec3790f8f281ec79b4b068424fa2a24
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3142
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 14:14:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ik9dz52sb%2BLuqNOHeV7JKMMa9jRVD0%2Frc2dvcg6YZFqxcRr9G1OOPVdXNA1SmCWt6ALPyRIxrtAXhHjixBllhrKR7ngE8e338rf%2FyT1Mt3eFoaxOp%2B9iQcBTuJo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
6a658cc2bc785b28-IAD
expires
Sat, 30 Oct 2021 16:14:28 GMT
jquery-1.10.2.min.js
imgviu.com/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/js/jquery-1.10.2.min.js
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 14:28:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tB2%2FgALxN7MXDr7Zjg1D0eCyNRJhRIWYK0%2Fl4i%2BTflq4pzRZ20qPU9EAxoI7c9G%2FVCWYTE9PlaawENKjmnl8uGL8qsrZM9ZIYz2lbLLk4vRqlsKt5NAmLEYd5ypS"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a658cc2bc7a5b28-IAD
expires
Sat, 30 Oct 2021 16:28:30 GMT
xupload.js
imgviu.com/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/js/xupload.js?
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b117668baa1c446d21372e6fdc04d3a49387071cd31a267b948b35891cb9f7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6575
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 13:17:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao40lQxjMuZoV02kN8ubsOGLAuwx2yds4EMgOHp5wiHqE6fszMquwTyuHM8ZVX8gN%2BkU%2Bh5wHD6Q4%2B012P5nCwdKAavPLKluIC1JRsiy43tL8IbWBb804WBnAh8v"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a658cc2bc805b28-IAD
expires
Sat, 30 Oct 2021 15:17:15 GMT
jquery.cookie.js
imgviu.com/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imgviu.com/js/jquery.cookie.js
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.213.117 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbe6727aa5a99c8f0b4e25e71829246ad3bcacdc84a13e6b5b12c8ea6fafc78
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 14:28:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8ymg2c70pvQNHVcQ7qibMvfvpq3NSwaFEN3Tge82nQa742YqzWvlT3vQca59Jd2QKUmNUoQoZpv4Gydwh4Ftacoq4nB99DRa7SgmxvgkThiMGrjVLcfb7xa6V0n"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a658cc2bc825b28-IAD
expires
Sat, 30 Oct 2021 16:28:30 GMT
/
d1ev866ubw90c6.cloudfront.net/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ev866ubw90c6.cloudfront.net/?buved=866857
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-222.fra2.r.cloudfront.net
Software
/
Resource Hash
922055bf5bc1f090f5f0e4274950311e95e011011ead048a9539b217d68bd47d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 12:28:50 GMT
content-encoding
gzip
age
9480
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA2-C2
content-length
53141
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-id
ziUqptohaRl5XbJmozhJvA7TtrCkkpm-vMzuqOmXbFEA1_JDHZMwsw==
34520408.js
dendranthe4edm7um.com/aas/r45d/vki/1823481/ 		68 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dendranthe4edm7um.com/aas/r45d/vki/1823481/34520408.js
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f0897ae616bf008ef346565adbd2cbe148b21c13f28a49b30cd4b6042b0e197c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:50 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 11:40:30 GMT
server
nginx
etag
W/"616eaeae-111e6"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
utx
virlyrelatione.xyz/ 		0
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://virlyrelatione.xyz/utx?cb=xP2L3btFIlbw&top=imgviu.com&tid=866857
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=866857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 15:06:51 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://imgviu.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
xZ2LxwJhYpcKoA8T_IrW3k8KVyR6YyfAW9CNEeT6mNzfzcj4NwOb1Q==
EDYTaBU8BRsPCxk8LAIYZzJ9aDsMACsrKRYLYQIuMX4bNxIbJBBvEA8HbSIdOAw0Hj4xfj4ZNw8MG2JcZwQXCEgiBRA2ExF0IGMcOxwWPA5zLCs1FyV7GzEJNBY2Lh8EAhw
virlyrelatione.xyz/VUZYWnk0JDs3RjR7OnwMJyplf0sTY2ocHWQjLmJPYzM6LUBlJW50GjkpLT4fJyk2Llc7Iyx/SxMNDDEBBAkdEw0cPG0/HwEpNBQ4A3A9Egk6AgAMFh8vFgI1EXMgH0gYPxQiDnB0Gg46BCAbGCgwCDILFjcXMDEwPHZ9aDsNdWE1MgFzOj... Frame DAA1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://virlyrelatione.xyz/VUZYWnk0JDs3RjR7OnwMJyplf0sTY2ocHWQjLmJPYzM6LUBlJW50GjkpLT4fJyk2Llc7Iyx/SxMNDDEBBAkdEw0cPG0/HwEpNBQ4A3A9Egk6AgAMFh8vFgI1EXMgH0gYPxQiDnB0Gg46BCAbGCgwCDILFjcXMDEwPHZ9aDsNdWE1MgFzOjxKbDcVDA4yJWsySwECETIzZ3cXFCptfhUMOGQJMjVKHSw7LBoBdwAVOjYhCBwVOyAZKhUTKBIoHzgHCRQqNi8WHBpkFg82EBYFL2wYAg8ROUpgLwEYSC0CHzYQFgINNDA4HxUASmUJPAsJLAg2KhIQETxiHxFrHhM0PA8oEEhlIRIJLD4OABswMBEVChsdd24+KCU/AjMaYRIbYhA0ERJtI2Y+YAo/EDYTaBU8BRsPCxk8LAIYZzJ9aDsMACsrKRYLYQIuMX4bNxIbJBBvEA8HbSIdOAw0Hj4xfj4ZNw8MG2JcZwQXCEgiBRA2ExF0IGMcOxwWPA5zLCs1FyV7GzEJNBY2Lh8EAhw
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=866857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-52.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
4bfe5f553f514bf362d7a69433b26207bfd1c6277f775b92efa8d49808712c09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/

Response headers

content-type
text/html
content-length
1232
date
Sat, 30 Oct 2021 15:06:51 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
o0Cv2dqMiF-0y7V6lWR65paA4Tt2dfd2N7rXiOQaJVU4q4OCCTkI4w==
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.77 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.77 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
paper-full.min.js
www.antiadblocksystems.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.antiadblocksystems.com/paper-full.min.js
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-10.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e8809c3ee26a47d6c7aa7320e2963bee4d0f419c1c215ff1b5a254baec1981a7

Request headers

Referer
https://imgviu.com/
Origin
https://imgviu.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
105454
alt-svc
quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
x-77-nzt
Abk73BCJpTjv7psBAA==
x-accel-expires
@1636105757
server
CDN77-Turbo
x-77-nzt-ray
cHCTSsxCQpw=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://antiadblocksystems.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Fri, 05 Nov 2021 09:49:17 GMT
7728eddcb9629869bcae425ace91785b.js
d28a863f16.a6dbb52634.com/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d28a863f16.a6dbb52634.com/7728eddcb9629869bcae425ace91785b.js
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
99efa94f95887196c5d36a4092fdbcfa58af90696ceca363d4b6f4bff6fa6e8e

Request headers

Referer
https://imgviu.com/
Origin
https://imgviu.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 13:42:02 GMT
server
nginx/1.18.0
etag
W/"616ecb2a-1014d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Oct 2021 16:06:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
freychang.fun/ 		16 B
708 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=866857
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbdfdb8b1d8790d129fe77af828546bdfd6db1dc454ad60e791ba4920e5982d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://imgviu.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAyXFLnH2nNLbNiWfL3Wit55SISi08w%2F0XBjsH%2FFSabCo7eOPbtndMekej85IE4mZQRKxJ6JoMkS0VKjhznyGBXEsxVcLUfea1UOM7dd2ApLOrOuBM0SwUs0t9SVMeQ%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6a658cc78e0e5782-IAD
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1823481
dendranthe4edm7um.com/get/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dendranthe4edm7um.com/get/1823481?zoneid=1823481&jp=_clc7txdovmcwoz6ar961dm&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=0
Requested by
Host: dendranthe4edm7um.com
URL: https://dendranthe4edm7um.com/aas/r45d/vki/1823481/34520408.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
54a63a7769085f8bf9fd9f962d5426dff7fcb2bb6a3dbc4e9138980a064f0b44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
3204
d28a863f16.a6dbb52634.com/8a194f43617103a6e9f26aca40f1b1fa/ 		2 KB
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d28a863f16.a6dbb52634.com/8a194f43617103a6e9f26aca40f1b1fa/3204
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/7728eddcb9629869bcae425ace91785b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4240b4eb92ccb4e691c352ed5201c0bb3701513f4f34d7dd8549342eb01af39c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Oct 2021 16:06:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/7728eddcb9629869bcae425ace91785b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Oct 2021 16:06:51 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
KTkxQOEItIz5efTolNAV6eHpoDXVoJiNXLD5xE1MyLxw+TCQfCBQeNjQobQhkIi0+X39oKT5bf39qMVwgc3h2TDIhJ21ONS88MVA1Ojo3HjcvcT1XOCcgPFlnfAplFnJrfmAQNSciNFc1PWliCCw6aWIIc35iYB1xDGliCDUnImYMZ30OdQpyNnpkEWd8fD-FIMiI...
d1ev866ubw90c6.cloudfront.net/ Frame DAA1 		771 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ev866ubw90c6.cloudfront.net/KTkxQOEItIz5efTolNAV6eHpoDXVoJiNXLD5xE1MyLxw+TCQfCBQeNjQobQhkIi0+X39oKT5bf39qMVwgc3h2TDIhJ21ONS88MVA1Ojo3HjcvcT1XOCcgPFlnfAplFnJrfmAQNSciNFc1PWliCCw6aWIIc35iYB1xDGliCDUnImYMZ30OdQpyNnpkEWd8fD-FIMiIpJ10gJSUkHXAIeWMPbH16dQpyZic4TC8iaWJ7Z3x8PFEpK2liCCUrLztXa2t+YFsqPCM9XWd8CmkNbH5iZA5xdmJlDGd8fCNZJC8+OR1wCHljD2x9enZNfw
Requested by
Host: virlyrelatione.xyz
URL: https://virlyrelatione.xyz/VUZYWnk0JDs3RjR7OnwMJyplf0sTY2ocHWQjLmJPYzM6LUBlJW50GjkpLT4fJyk2Llc7Iyx/SxMNDDEBBAkdEw0cPG0/HwEpNBQ4A3A9Egk6AgAMFh8vFgI1EXMgH0gYPxQiDnB0Gg46BCAbGCgwCDILFjcXMDEwPHZ9aDsNdWE1MgFzOjxKbDcVDA4yJWsySwECETIzZ3cXFCptfhUMOGQJMjVKHSw7LBoBdwAVOjYhCBwVOyAZKhUTKBIoHzgHCRQqNi8WHBpkFg82EBYFL2wYAg8ROUpgLwEYSC0CHzYQFgINNDA4HxUASmUJPAsJLAg2KhIQETxiHxFrHhM0PA8oEEhlIRIJLD4OABswMBEVChsdd24+KCU/AjMaYRIbYhA0ERJtI2Y+YAo/EDYTaBU8BRsPCxk8LAIYZzJ9aDsMACsrKRYLYQIuMX4bNxIbJBBvEA8HbSIdOAw0Hj4xfj4ZNw8MG2JcZwQXCEgiBRA2ExF0IGMcOxwWPA5zLCs1FyV7GzEJNBY2Lh8EAhw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.222 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-222.fra2.r.cloudfront.net
Software
/
Resource Hash
00aaf377eef9e5d3ba23da3adfcbda7b868eed32c4694f0b572a3399799155cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://virlyrelatione.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
561
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-id
1Eea6GJqSIkdpraNm7UHVbsg9ywkm6TXtjxkjsFAShRdbloHUxQ5yw==
/
ilusors.com/ssp/req/1823481/ 		7 B
190 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ilusors.com/ssp/req/1823481/?pb=9d2c27c1cfdba113c22c697995afa3751635613611&psp=obj_Ao2_5ZjIDTAsA1vILqfkKKY-lXzp5dYsl6Nr8aMO9tHgdCFPVr_xILNpcs3bfDiHDvQD37fA00pGh7tGC31LX8dkM3lTMp6EhDmhut5yu8BoenMlrp1UkO9m3y6M2YmU6tBVOcy8eW45ddbzYEklhu4uy89DdFNkAopvM4EafHQoMjmUwEpj5BX6_kXjrtaVKBWHz_ZCGvi4PmdLeNECbArVx5prHMaZbBVkCrf0nMaTdLCbf_gt3QchhC5g6OMA48wD0MQ8Lf2mFv9CZO8u5io6_-4nclIR-LC9wZLm3x6uZLnDGeLcL0Ka6D9B_KLevTs0N7PnhxtlRHSvygQ6qFIUGFwwrd-jXEhfwKqitcjgEbg9cfRdSyIyvGI3dBlkzZfBQ0wkHvGGqAK-njbKRPQwPnhQm2pz7z5sTYZClvlQYt3C7aZS422Ke884g1o_GsrG1RrS2-pJPGe6UX9R_Lm5O4rBLN2_ZKkkVwSsr-v1ci5rhQh8YRON8uF4NDnjnjx-wI_SRRuyBp8EFErNiAG1sWU5JymQuQR1cQXgjqYYNUAi1WiZfPDpoDLWZFwbY7_SM6X-Nz2Nt0W0L6qQYrPqvjiVSH2w8-BPJQIy4UE-B3dx1odeZQCPEioIvMmFZ93ELcvN5yRdcVrH0ud1oJ55MgW2gbVD1ZwfghltDmHSKkmwF37PjvVTD5sPZlpp3-Y76X2ZgB5ntzlYhxY=&cb=_clvbyr0v2qon0o5zepebei&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24
Requested by
Host: dendranthe4edm7um.com
URL: https://dendranthe4edm7um.com/aas/r45d/vki/1823481/34520408.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
server
nginx
timing-allow-origin
*
content-length
7
content-type
text/javascript
27b67dc0296b5e2bf9e9f39140ed56ad.js
d28a863f16.a6dbb52634.com/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d28a863f16.a6dbb52634.com/27b67dc0296b5e2bf9e9f39140ed56ad.js
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/7728eddcb9629869bcae425ace91785b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d821e26847d8c47a1d3238dbdd2c1dfd5794b72c10c29365f34730eec688be9a

Request headers

Referer
https://imgviu.com/
Origin
https://imgviu.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 15:02:55 GMT
server
nginx/1.18.0
etag
W/"6164521f-78ea"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Oct 2021 16:06:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.js
js.cabnnr.com/banner-admanager/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cabnnr.com/banner-admanager/build.js
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/7728eddcb9629869bcae425ace91785b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 08:56:00 GMT
server
nginx/1.18.0
etag
W/"6167f0a0-adb5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Oct 2021 16:06:51 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
/
c.adsco.re/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/paper-full.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
813970
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6a658cc6ec1a716f-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 15:06:51 GMT
multy
wpunativesh.com/in/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wpunativesh.com/in/multy?spot_size=4&spot_id=4746&subid=141093496&label=1&session_id=2701f94b-46d1-42e7-bbb5-a423644a2f69&cpa=c3b4d64e-0e3e-43c1-a0cf-62f1a68b6e4a&ver=5.1.1&adblock=0&ad_type=native&iw=241&ih=241
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/27b67dc0296b5e2bf9e9f39140ed56ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.133.127.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213-133-127-134.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash
9322e45b0091c56d834f4c0face9068f6bccde08e51258fa07028018a9f82b88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 30 Oct 2021 15:05:57 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
server
nginx/1.16.0
content-length
1153
content-type
application/json; charset=utf-8
multy
wpunativesh.com/in/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wpunativesh.com/in/multy?spot_size=4&spot_id=4745&subid=1199097409&label=1&session_id=3797d009-ca75-4b12-98a5-a37dcf5acc24&cpa=57b94c96-b881-45b6-abca-2911e73cb9e5&ver=5.1.1&adblock=0&ad_type=native&iw=241&ih=241
Requested by
Host: d28a863f16.a6dbb52634.com
URL: https://d28a863f16.a6dbb52634.com/27b67dc0296b5e2bf9e9f39140ed56ad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.133.127.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213-133-127-134.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash
d8a9d0ec818fc49487e0d67201503fd4e0892afff0860555c701ecf20e30f7bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 30 Oct 2021 15:05:57 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
server
nginx/1.16.0
content-length
1601
content-type
application/json; charset=utf-8
/
6.adsco.re/ 		0
384 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Origin
https://imgviu.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://imgviu.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a658cc74861874d-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
4.adsco.re/ 		0
458 B 		Other
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Origin
https://imgviu.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 15:06:51 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://imgviu.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/ 		0
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 30 Oct 2021 15:06:51 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon223
Access-Control-Allow-Origin
https://imgviu.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/ 		48 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
64c447eb593f3991a5e1898ea297f4f4ca2433f94b9d1663a17953bd658cf5b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 15:06:51 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://imgviu.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://imgviu.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a658cc74860874d-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
yivxfcvgluhf.l4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yivxfcvgluhf.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 30 Oct 2021 15:06:51 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
yivxfcvgluhf.n4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yivxfcvgluhf.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 30 Oct 2021 15:06:51 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
yivxfcvgluhf.s4.adsco.re/ 		0
464 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yivxfcvgluhf.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imgviu.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 30 Oct 2021 15:06:52 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame DF80 		62 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Tue, 30 Nov 2021 15:06:51 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
813970
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6a658cc75d7e21ab-DUS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
banner
stream.vast.wtf/youtube/ Frame A62F
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTc5MzY0MTMyMCI...
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=42a5f2350406b5b34afe49ff517ecb3b&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
  • https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee28cb927860a7c631dee907cf755234c9e09d8fe8572c1545a635f7a8cd6c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2QQ3a0ViGWsMWZc%2BD02Ru9p%2FmzLaT8%2F118rbD5Foxf%2BNhI9%2F0y%2BNPiC%2FeSMfYhp2427xmA6oJEC3nChj%2B57h5RRgOJZF%2FfrnaJ8YLFP%2F1mZtufe1brlso5IB%2BQmD%2BHLoZE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a658cc96c7f40b1-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Sat, 30 Oct 2021 15:06:51 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
pragma
no-cache
vary
*
cache-control
no-cache, no-store, must-revalidate
/
6.adsco.re/ Frame DF80 		0
363 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6.adsco.re/
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a658cc89ee4716f-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
4.adsco.re/ Frame DF80 		0
0
/
c.adsco.re/ Frame DF80 		62 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
813970
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6a658cc89f0a21ab-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 15:06:51 GMT
/
6.adsco.re/ Frame DF80 		0
0
6.jpg
tn.voyeurhit.com/contents/videos_screenshots/31000/31491/240x180/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.voyeurhit.com/contents/videos_screenshots/31000/31491/240x180/6.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
18f0d3bf1b6a886e13f737544451d2e91a3338f0c1fee34203634eb5bdd26909

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Mon, 04 Aug 2014 14:55:12 GMT
server
nginx/1.18.0
etag
"53df9ed0-2d4f"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
11599
x-proxy-cache
HIT
1.jpg
tn.hdzog.com/contents/videos_screenshots/2144000/2144695/300x169/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.hdzog.com/contents/videos_screenshots/2144000/2144695/300x169/1.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7363052bdf84cb83f00981e3bc26c780a7894aea597624eb4f4c7a59f76c0649

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Fri, 01 Oct 2021 02:29:16 GMT
server
nginx/1.18.0
etag
"6156727c-6995"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
27029
x-proxy-cache
HIT
1.jpg
tn.hdzog.com/contents/videos_screenshots/2144000/2144583/300x169/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.hdzog.com/contents/videos_screenshots/2144000/2144583/300x169/1.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d22a320d49ef4f061b01a2b02534239ca91527537ca3f8ebd47f1735f142564e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Thu, 30 Sep 2021 19:34:23 GMT
server
nginx/1.18.0
etag
"6156113f-5a55"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
23125
x-proxy-cache
HIT
5.jpg
tn.hclips.com/contents/videos_screenshots/247000/247599/240x180/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.hclips.com/contents/videos_screenshots/247000/247599/240x180/5.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9566c3356ea3ae7172e0a612f9c78bc6cafb9a57f6d2ffdd3ffcdbf6e583c8fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Wed, 22 Apr 2015 18:41:31 GMT
server
nginx/1.18.0
etag
"5537eb5b-4750"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
18256
x-proxy-cache
HIT
12.jpg
tn.tubepornclassic.com/contents/videos_screenshots/147000/147113/240x180/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.tubepornclassic.com/contents/videos_screenshots/147000/147113/240x180/12.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
827fc465991de7b6b3bca6e680baf85ffec8ec10eee53b96a32284614e210f1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Tue, 27 Sep 2016 09:15:58 GMT
server
nginx/1.16.1
etag
"57ea38ce-32b0"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
12976
x-proxy-cache
HIT
1.jpg
tn.hclips.com/contents/videos_screenshots/7896000/7896269/240x180/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.hclips.com/contents/videos_screenshots/7896000/7896269/240x180/1.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
59160a1106ddd6b4894b48724b99ec4fa45fac9b67c3558111ac49a67d42d82b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Sat, 14 Aug 2021 04:51:10 GMT
server
nginx/1.18.0
etag
"61174bbe-4121"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16673
x-proxy-cache
HIT
3.jpg
tn.txxx.tube/contents/videos_screenshots/5715000/5715847/288x162/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.txxx.tube/contents/videos_screenshots/5715000/5715847/288x162/3.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9f6bba3004dd1b4962e09e7a1253a7a14ca6b5095bef59627d8d8e7da31b0d5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Thu, 07 Mar 2019 08:55:40 GMT
server
nginx/1.18.0
etag
"5c80dc8c-577f"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
22399
x-proxy-cache
HIT
8.jpg
tn.voyeurhit.com/contents/videos_screenshots/31000/31489/240x180/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tn.voyeurhit.com/contents/videos_screenshots/31000/31489/240x180/8.jpg
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
68a6719f190e999bf1118b7618a53b1ddf63799321dab7848f9cfd2baf85edb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
last-modified
Mon, 04 Aug 2014 14:53:02 GMT
server
nginx/1.18.0
etag
"53df9e4e-2383"
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 28 Jan 2022 15:06:51 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
9091
x-proxy-cache
HIT
popunder.gif
pleastindustress.xyz/ 		35 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pleastindustress.xyz/popunder.gif
Requested by
Host: imgviu.com
URL: https://imgviu.com/Gq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-103.fra53.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
H_LhKZQAWaqF0FVaESTIsjioyYTdSiz7rgoebangHVveNsP4hCcg2g==
vast-player.min.js
cdn.jsdelivr.net/npm/vast-player@latest/dist/ Frame A62F 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c97607147b09e31e70026e23eb61dc4917b5655e4b03ee103cb50d62f6616a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
22768
x-jsd-version
0.2.10
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19158-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"101a3-kqflBbwdvbQ4APoFNu3h5vzUaKQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a658cc9da407174-DUS
/
vs.videonet.online/sts/ Frame A62F 		2 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vs.videonet.online/sts/?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&type=impression
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.206.161.77 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.77.serverel.net
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Oct 2021 15:06:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
vast
stream.vast.wtf/youtube/ Frame A62F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.vast.wtf/youtube/vast?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
233a46b4aea360246d52cf8d1010220ba69991541e80a6f45b5c990019bc9bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a658ccacd4f40e1-CDG
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVUOWAzGKzloCVkjTmh6EcI94rhU9iFzdYV%2BIecVPBPOCJYvvPMaXZ0MsjzjZGQNytYmQ9j%2Byfmt5Ur%2BokXu%2BZtH0z7siDnQips%2FMp9DSPco7m7IvSeKra1%2B42Gc6RGaLoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/xml
access-control-allow-origin
*
access-control-allow-credentials
true
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame A62F 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://12007250.pix-cdn.org/native/tmp/tbz.jpg
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2427970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20782
last-modified
Thu, 30 Sep 2021 13:59:58 GMT
server
nginx/1.18.0
etag
"6155c2de-512e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSD2UV6yMHx512wNGqmLHJ6E1Zn5smuVtEW%2F4AjOA1qkZpFuNMEIXjv%2BYBOQuqzl2xs19MdRCNCEQW3UDrukRg%2FhqoKb8197MpPkgj7tCO3X4ICX9kBFph4lliqH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6a58abd259646d91-MUC
x-proxy-cache
HIT
expires
Sat, 30 Oct 2021 16:06:51 GMT
p
adsco.re/ 		168 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
ad0096bf81f8bac1f7cf6b9f672fcb756748d30c27e807e6deb9d2cf81a84d89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

AS-P-G
OK
Date
Sat, 30 Oct 2021 15:06:51 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon223
Access-Control-Allow-Origin
https://imgviu.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
vpaid.js
stream.vast.wtf/files/youtube/ Frame DD53 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stream.vast.wtf/files/youtube/vpaid.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6004cbbdfd65a4a6059250ea0595c41799d38cc264a567f22db8e90e87915b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:52 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
630
cf-polished
origSize=24046
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 14:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAzNfsSYeAHk5UDtER5IT8soDVUBRQYUoD2ZS1MFwLshpen4%2B4cEzizaePhos2kFdj%2BURrMGltPucna8%2BTRdrjpRRj6ranjubZNmkQMGM3ToytrHuq5xc6Z4pKgHgVX1dIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a658ccb2e1340e1-CDG
cf-bgj
minify
w.htm
antiadblocksystems.com/ 		44 B
140 B 		Script
General
Check archive.org
Download Go to
Full URL
https://antiadblocksystems.com/w.htm?_=BAYAYX1fiwFhfV-LgAGBAsAAIFusDmdTZ0-B0TiwpIeCDSzZIRkzaTdctLRZ0LX5QwA1wQBIMEYCIQCyXWmnTfwQT0sySq0bolMgOmOOsqYYhEhMk4BfTI1jggIhAMGMhUweRmaSC_XnbpVBTCQQFAdsokJXooYJ51kq7Wj4&v=4&BxeYyGUr=4360223&minBid=&enVqbAmi=0,0&GfwXsQYk=&eIUHDXha=https%3A%2F%2Fimgviu.com%2F0ovl2x75bqwq%2FAmourAngels-0002.jpg.html&s=1600,1200,1,1600,1200,0
Requested by
Host: www.antiadblocksystems.com
URL: https://www.antiadblocksystems.com/paper-full.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.95.113.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imgviu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Oct 2021 15:06:52 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
url
www.google.com/ Frame 2159 		603 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/i1AO_zduB5Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/files/youtube/vpaid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
gws /
Resource Hash
1bf500eecb48605f0404447f417aeab13b18027d92a930d0ef2f96b225f161c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/

Response headers

location
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control
private
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Sat, 30 Oct 2021 15:06:52 GMT
server
gws
content-length
603
x-xss-protection
0
expires
Sat, 30 Oct 2021 15:06:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i1AO_zduB5Y
www.youtube.com/embed/ Frame 2159 		58 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/i1AO_zduB5Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
abb0f151d2e2ad1541fa3caba64b9563a9a17521ac337f32e295e0f6f97af0bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 30 Oct 2021 15:06:52 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/9216d1f7/ Frame 2159 		334 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 08:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
23685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46958
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 30 Oct 2022 08:32:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2159 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:18:33 GMT
x-content-type-options
nosniff
age
125299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 04:18:33 GMT
www-embed-player.js
www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/ Frame 2159 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
253098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69750
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:34 GMT
base.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 2159 		2 MB
513 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
253005
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525254
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:50:07 GMT
fetch-polyfill.js
www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/ Frame 2159 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 10:27:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
16785
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 30 Oct 2022 10:27:07 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2159
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
469e5a423e739b32dc2273229718cd6b4d07069d6e85a5c9c521befc88c33401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Oct 2021 15:06:52 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2159 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 14:58:00 GMT
x-content-type-options
nosniff
age
532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Oct 2021 15:13:00 GMT
LJlvQt2qhcyMJ1jQNfnZysjqHy-Gk7r0wWR5pkYPS98.js
www.google.com/js/th/ Frame 2159 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/LJlvQt2qhcyMJ1jQNfnZysjqHy-Gk7r0wWR5pkYPS98.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
2c996f42ddaa85cc8c2758d035f9d9cac8ea1f2f8693baf4c16479a6460f4bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 19:24:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
70965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13289
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 29 Oct 2022 19:24:08 GMT
embed.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 2159 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
252921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7348
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:51:32 GMT
player
www.youtube.com/youtubei/v1/ Frame 2159 		45 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
5e1fd1e4b65ed8750a83aaf1e6ade6301f9b7694a1284f4f6bc1fc9afbcdcbe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211026.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id
CgtPelpNRjlUcW5YMCiMv_WLBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 30 Oct 2021 15:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17720
x-xss-protection
0
expires
Sat, 30 Oct 2021 15:06:53 GMT
truncated
/ Frame 2159 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
mODD9cm8_vOKMOqSpYfNY0V4pHd0I1fy9KIweKXdZaCBpVBJ4FBLbTO3vJ_GLJP8NyXzQPZveg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 2159 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/mODD9cm8_vOKMOqSpYfNY0V4pHd0I1fy9KIweKXdZaCBpVBJ4FBLbTO3vJ_GLJP8NyXzQPZveg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
fife /
Resource Hash
f4204bd2f6323770b66668c5537da6a338ad7170bc55b8109e7313ddf2f298ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:04:12 GMT
x-content-type-options
nosniff
age
161
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4669
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 31 Oct 2021 15:04:12 GMT
truncated
/ Frame 2159 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame 2159 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ul6clw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame 2159 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=140&cpn=hNWI5zSNwDppwf3P&ei=jV99Yba6AZ6ix_AP38Sd2A0&el=embedded&docid=i1AO_zduB5Y&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082662%2C24101841%2C24116772&cl=405751832&live=live&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211026.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.011:B,0.169:S,0.176:S,0.176:S&cmt=0.011:0.000,0.169:0.000,0.176:0.000&afs=0.176:140::i&vfs=0.176:243:243::r&view=0.176:1:1&bwe=0.176:130000&bat=0.176:1:1&vis=0.176:0&bh=0.176:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 2159 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
253006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29616
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:50:07 GMT
endscreen.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 2159 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
62aa72673edf214afa30a41de2055d1973084395fbd809fc84490140ac286cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
253006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7227
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:50:07 GMT
heartbeat.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 2159 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/heartbeat.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
7e1030b6b9919efdf0a19b5a3cb9a307b426366addcd6bbf77a4bcf7b88f1d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 17:47:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
249561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9137
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 17:47:32 GMT
next
www.youtube.com/youtubei/v1/ Frame 2159 		64 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
48703b0f20256ef0638d8ba3c7868324b31172b6c75bf89a6a0f12883d93f8f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211026.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id
CgtPelpNRjlUcW5YMCiMv_WLBg%3D%3D
Content-Type
application/json

Response headers

date
Sat, 30 Oct 2021 15:06:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5572
x-xss-protection
0
expires
Sat, 30 Oct 2021 15:06:53 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2159 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 15:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Oct 2021 15:06:53 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		97 KB
99 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAP64RsE6crWway3WE1OZEJdJ7IJRe6MqNOPRhBfH_EZ6AiEA-OQmoGrVi001NVGku-2qIKkkXsz-YwZ8TCBqAvVNAwE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&headm=4&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
d6d982c2c6d09f20e8b6d6a47cf400cc7437c372997f771659477edcdeb4c2b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Sequence-Num
85
Date
Sat, 30 Oct 2021 15:06:53 GMT
X-Content-Type-Options
nosniff
X-Segment-Lmt
1635605966371438
X-Bandwidth-Est
1460096
X-Bandwidth-App-Limited
false
Cross-Origin-Resource-Policy
cross-origin
X-Bandwidth-Est2
492128
Connection
keep-alive
X-Walltime-Ms
1635606413341
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
99739
X-Bandwidth-Est3
949852
Pragma
no-cache
X-Bandwidth-Est-Comp
492128
Last-Modified
Sat, 30 Oct 2021 14:59:26 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
X-Head-Time-Sec
445
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Head-Seqnum
89
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Head-Time-Millis
445000
X-Bandwidth-Est-App-Limited
false
Expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		81 KB
83 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAJ24gbHonraLw1KN4DkrCvaGL89NXQIugkVCnengBIJ5AiB82k4rh3IP3iBlibujKAhbmyefdy2uK4yFwjCFYCUY3Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&headm=4&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
2ee35b9fbbdc11fdcd5f99c7af83429a674d22757d2342f3c82dd507f031c5dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Sequence-Num
85
Date
Sat, 30 Oct 2021 15:06:53 GMT
X-Content-Type-Options
nosniff
X-Segment-Lmt
1635605966371434
X-Bandwidth-Est
1227212
X-Bandwidth-App-Limited
false
Cross-Origin-Resource-Policy
cross-origin
X-Bandwidth-Est2
400746
Connection
keep-alive
X-Walltime-Ms
1635606413341
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
83361
X-Bandwidth-Est3
743985
Pragma
no-cache
X-Bandwidth-Est-Comp
400746
Last-Modified
Sat, 30 Oct 2021 14:59:26 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/mp4
Access-Control-Allow-Origin
https://www.youtube.com
X-Head-Time-Sec
445
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Head-Seqnum
89
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Head-Time-Millis
445000
X-Bandwidth-Est-App-Limited
false
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame 2159 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 11:48:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sun, 31 Oct 2021 11:48:52 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		81 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAJ24gbHonraLw1KN4DkrCvaGL89NXQIugkVCnengBIJ5AiB82k4rh3IP3iBlibujKAhbmyefdy2uK4yFwjCFYCUY3Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=86&rn=3&rbuf=4910
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
9521baeb4d141fc44ed5f0a7288878010fc627ebc6a8ec6092b777a07e6c2036
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
86
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371448
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
330940
x-walltime-ms
1635606413428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82714
x-bandwidth-est3
743985
x-bandwidth-est-comp
330940
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
audio/mp4
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
445
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
x-head-seqnum
89
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
445000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:53 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		55 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAP64RsE6crWway3WE1OZEJdJ7IJRe6MqNOPRhBfH_EZ6AiEA-OQmoGrVi001NVGku-2qIKkkXsz-YwZ8TCBqAvVNAwE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=86&rn=4&rbuf=4900
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
6f5156258b56f2ed3f14de7ed0c238260171cd87cb72d4e64cbb97981ab4823a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
86
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371452
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
330940
x-walltime-ms
1635606413428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56439
x-bandwidth-est3
925591
x-bandwidth-est-comp
330940
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
445
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
x-head-seqnum
89
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
445000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:53 GMT
playback
www.youtube.com/api/stats/ Frame 2159 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=hNWI5zSNwDppwf3P&docid=i1AO_zduB5Y&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cmt=425.1&ei=jV99Yba6AZ6ix_AP38Sd2A0&fmt=243&fs=0&rt=0.486&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.google.com%2F&lact=520&live=live&cl=405751832&mos=1&vm=CAEQABgEOjJBS1JhaHdDSWoyd3NZaC1pczU0Wm1YekdXMEZnR1pyNzZ0aS16M1ZkdGRqUlpERmdkQWJLQVBta0tES0V0eGhJSG5qaVBCVHliV1M0NEJ4YjNUU1R6bU5CVE5aTF91bTRLS0I0MzlHN1JCMDdQOE5XVVpQVmRYTlB2a0tQUWY0&volume=100&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211026.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=5&hl=de_DE&cr=DE&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24064555%2C24080738%2C24082662%2C24101841%2C24116772&rtn=5&afmt=140&lio=1635605960.668&size=1%3A1&inview=0&muted=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 2159 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=i1AO_zduB5Y&cpn=hNWI5zSNwDppwf3P&ei=jV99Yba6AZ6ix_AP38Sd2A0&ptk=youtube_none&pltype=contentugclive
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		89 KB
89 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAP64RsE6crWway3WE1OZEJdJ7IJRe6MqNOPRhBfH_EZ6AiEA-OQmoGrVi001NVGku-2qIKkkXsz-YwZ8TCBqAvVNAwE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=87&rn=5&rbuf=9900
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
a91a379752ff4e018476599227b259c2eedbb07e9d4dca0a99d43b11fea385ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
87
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371466
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
4347584
x-walltime-ms
1635606413485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91200
x-bandwidth-est3
925591
x-bandwidth-est-comp
4347584
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
445
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
x-head-seqnum
89
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
445000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:53 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		81 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAJ24gbHonraLw1KN4DkrCvaGL89NXQIugkVCnengBIJ5AiB82k4rh3IP3iBlibujKAhbmyefdy2uK4yFwjCFYCUY3Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=87&rn=6&rbuf=9903
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
dfb131f3b85a1ad6ac9ce0e50627d69c9f38703d8b81def02af5d565202efc0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
87
date
Sat, 30 Oct 2021 15:06:53 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371462
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
4347584
x-walltime-ms
1635606413512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83178
x-bandwidth-est3
743985
x-bandwidth-est-comp
4347584
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
audio/mp4
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
445
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
x-head-seqnum
89
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
445000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:53 GMT
/
vs.videonet.online/sts/ Frame DD53 		2 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vs.videonet.online/sts/?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&type=view
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/files/youtube/vpaid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.206.161.77 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.77.serverel.net
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Oct 2021 15:06:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
log_event
www.youtube.com/youtubei/v1/ Frame 2159 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/i1AO_zduB5Y?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version
1.20211026.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtPelpNRjlUcW5YMCiMv_WLBg%3D%3D
X-YouTube-Ad-Signals
dt=1635606412512&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image&bid=ANyPxKrc1MTLbPLBv9O_b1oHCHnTRJbo5s2Yq6vAC5d5KZniQlevjRxCNctI4CyK5JQXWO1DsCbOThbogK-IPNmXWwovMTaS-Q

Response headers

date
Sat, 30 Oct 2021 15:06:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 30 Oct 2021 15:06:55 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		60 KB
60 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRgIhAP64RsE6crWway3WE1OZEJdJ7IJRe6MqNOPRhBfH_EZ6AiEA-OQmoGrVi001NVGku-2qIKkkXsz-YwZ8TCBqAvVNAwE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=88&rn=7&rbuf=11440
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
1554fe250cd33b61469eea527b7ef97fe494c8f8ed32080c4c12f8b7cb15f8f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
88
date
Sat, 30 Oct 2021 15:06:56 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371480
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
4347584
x-walltime-ms
1635606416933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61834
x-bandwidth-est3
925591
x-bandwidth-est-comp
4347584
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
450
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21297
access-control-allow-credentials
true
x-head-seqnum
90
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
450000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:56 GMT
videoplayback
r3---sn-2gb7sn7s.googlevideo.com/ Frame 2159 		82 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1635628013&ei=jV99Yba6AZ6ix_AP38Sd2A0&ip=216.131.111.132&id=i1AO_zduB5Y.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=CM&mm=44%2C26&mn=sn-2gb7sn7s%2Csn-4g5lznez&ms=lva%2Conr&mv=m&mvi=3&pl=24&initcwndbps=116250&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=id6OhXRA7Ez3NaySfQbQKWkG&gir=yes&mt=1635606272&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=HpTCheRng6oZ1w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAJ24gbHonraLw1KN4DkrCvaGL89NXQIugkVCnengBIJ5AiB82k4rh3IP3iBlibujKAhbmyefdy2uK4yFwjCFYCUY3Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgaJMfH1FSVC8yMWRuPDpPLZiXU6raLMG0JqXApLS7rboCIQDQWHFOXZfIHyWXXMMZ1c__OglLS6-lNj8WGK7NaPBDJA%3D%3D&alr=yes&cpn=hNWI5zSNwDppwf3P&cver=1.20211026.01.00&sq=88&rn=8&rbuf=11435
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.150.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
prg03s03-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
dc9b83ee4aeacf009b67ada83b5b389e1a7e5a22361acc8ac8bea6e64e503b73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-sequence-num
88
date
Sat, 30 Oct 2021 15:06:56 GMT
x-content-type-options
nosniff
x-segment-lmt
1635605966371476
x-bandwidth-app-limited
false
cross-origin-resource-policy
cross-origin
x-bandwidth-est2
4347584
x-walltime-ms
1635606416956
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83633
x-bandwidth-est3
743985
x-bandwidth-est-comp
4347584
client-protocol
quic
last-modified
Sat, 30 Oct 2021 14:59:26 GMT
server
gvs 1.0
vary
Origin
content-type
audio/mp4
access-control-allow-origin
https://www.youtube.com
x-head-time-sec
450
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21297
access-control-allow-credentials
true
x-head-seqnum
90
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-head-time-millis
450000
x-bandwidth-est-app-limited
false
expires
Sat, 30 Oct 2021 15:06:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
4.adsco.re
URL
https://4.adsco.re/
Domain
6.adsco.re
URL
https://6.adsco.re/

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery number| show_fname_chars string| upload_type undefined| form_action undefined| x function| $$ function| openStatusWindow function| StartUpload function| StartUploadZIP function| openStatusWindowZIP function| StartUploadBox function| checkExt function| checkSize function| getFileSize function| fixLength function| MultiSelector function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| submitCommentsForm function| scaleImg function| OpenWin function| player_start function| copy function| convertSize number| LAST_CORRECT_EVENT_TIME number| _3602530322 function| O6HH function| W6HH function| g6HH function| D6HH function| D4zz undefined| c5H number| a5H number| B8dddd function| umM6 string| m function| _uwmom function| _vizroqw object| _pop object| jQuery110209703209136787105 function| T number| b number| asJN@2jn number| l5pppp function| T677 function| w91 function| e677 undefined| handleException function| R3ff function| _clc7txdovmcwoz6ar961dm object| detectZoom object| iframe object| where object| win object| _pao object| __adFormats object| __formatsGetters object| AdManager object| a3klsam function| _clvbyr0v2qon0o5zepebei function| onClickTrigger boolean| zfgloadedpopup number| iinf function| createCANativeAd object| regeneratorRuntime function| __banner-init object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g string| bt

12 Cookies

Domain/Path Name / Value
imgviu.com/ Name: randno
Value: bm8tcmVm
dendranthe4edm7um.com/ Name: UID
Value: 2110301006a51116bb25c84eddb3cc102ed4
imgviu.com/ Name:
Value: __test
imgviu.com/ Name: __PPU___PPU_SESSION_URL
Value: %2FGq6qDAk2nzQceaazOEfSIAfxmf7TmxzQ7Q.php
ilusors.com/ Name: UID
Value: 211030100695200430d51d4288b3d067f7ba
imgviu.com/ Name: a
Value: EWkNo50BG77hMvbFkdJrOsOASWvBUQ6m
tb.baimgfroggd.site/ Name: 1739.991100
Value: 1
imgviu.com/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAYAYX1fiwFhfV-LgAGBAsAAIFusDmdTZ0-B0TiwpIeCDSzZIRkzaTdctLRZ0LX5QwA1wQBIMEYCIQCyXWmnTfwQT0sySq0bolMgOmOOsqYYhEhMk4BfTI1jggIhAMGMhUweRmaSC_XnbpVBTCQQFAdsokJXooYJ51kq7Wj4
imgviu.com/ Name: _popprepop
Value: 1
.youtube.com/ Name: YSC
Value: yx8lfDHUWtY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: OzZMF9TqnX0
.doubleclick.net/ Name: IDE
Value: AHWqTUnuIToxx_K6M1ktKigfOpLTyOLOaz7Tfi2fJQLg4j6PSoymTFu82R43xUDn

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://stream.vast.wtf/youtube/banner?vi=i1AO_zduB5Y&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2Fi1AO_zduB5Y%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0008&oid=991100&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw(Line 33)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12007250.pix-cdn.org
4.adsco.re
6.adsco.re
accounts.google.com
adsco.re
antiadblocksystems.com
c.adsco.re
cdn.jsdelivr.net
d1ev866ubw90c6.cloudfront.net
d28a863f16.a6dbb52634.com
dendranthe4edm7um.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
ilusors.com
imgview.net
imgviu.com
js.cabnnr.com
js.wpadmngr.com
pleastindustress.xyz
r3---sn-2gb7sn7s.googlevideo.com
rtbbnr.com
static.doubleclick.net
stream.vast.wtf
tb.baimgfroggd.site
tn.hclips.com
tn.hdzog.com
tn.tubepornclassic.com
tn.txxx.tube
tn.voyeurhit.com
virlyrelatione.xyz
vs.videonet.online
wpunativesh.com
www.antiadblocksystems.com
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yivxfcvgluhf.l4.adsco.re
yivxfcvgluhf.n4.adsco.re
yivxfcvgluhf.s4.adsco.re
yt3.ggpht.com
4.adsco.re
6.adsco.re
104.16.88.20
104.17.167.186
104.21.34.6
109.206.161.77
109.206.162.83
109.206.163.64
13.225.84.222
13.225.87.52
142.250.184.206
142.250.184.230
142.250.185.131
142.250.185.193
142.250.185.67
142.250.185.77
142.250.186.36
142.250.186.98
143.204.215.103
157.240.20.35
162.252.214.5
162.55.139.130
172.67.213.117
172.67.218.221
173.194.150.233
176.123.6.189
185.200.116.90
185.200.118.90
185.59.220.17
208.95.113.2
213.133.127.134
213.174.135.24
213.174.135.25
38.132.109.186
00aaf377eef9e5d3ba23da3adfcbda7b868eed32c4694f0b572a3399799155cf
0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1554fe250cd33b61469eea527b7ef97fe494c8f8ed32080c4c12f8b7cb15f8f1
18f0d3bf1b6a886e13f737544451d2e91a3338f0c1fee34203634eb5bdd26909
1bf500eecb48605f0404447f417aeab13b18027d92a930d0ef2f96b225f161c9
1e7cb2ee62a78575d473a08d19b0df8a0ec3790f8f281ec79b4b068424fa2a24
233a46b4aea360246d52cf8d1010220ba69991541e80a6f45b5c990019bc9bbc
24b117668baa1c446d21372e6fdc04d3a49387071cd31a267b948b35891cb9f7
2c996f42ddaa85cc8c2758d035f9d9cac8ea1f2f8693baf4c16479a6460f4bdf
2ee35b9fbbdc11fdcd5f99c7af83429a674d22757d2342f3c82dd507f031c5dd
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
4240b4eb92ccb4e691c352ed5201c0bb3701513f4f34d7dd8549342eb01af39c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4656c2475b6b7e622d26f0e806cd45e57dce6f106dfeda52b026eef7edde386c
469e5a423e739b32dc2273229718cd6b4d07069d6e85a5c9c521befc88c33401
48703b0f20256ef0638d8ba3c7868324b31172b6c75bf89a6a0f12883d93f8f8
4bfe5f553f514bf362d7a69433b26207bfd1c6277f775b92efa8d49808712c09
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
54a63a7769085f8bf9fd9f962d5426dff7fcb2bb6a3dbc4e9138980a064f0b44
59160a1106ddd6b4894b48724b99ec4fa45fac9b67c3558111ac49a67d42d82b
5e1fd1e4b65ed8750a83aaf1e6ade6301f9b7694a1284f4f6bc1fc9afbcdcbe8
6004cbbdfd65a4a6059250ea0595c41799d38cc264a567f22db8e90e87915b26
62aa72673edf214afa30a41de2055d1973084395fbd809fc84490140ac286cb4
64c447eb593f3991a5e1898ea297f4f4ca2433f94b9d1663a17953bd658cf5b2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68a6719f190e999bf1118b7618a53b1ddf63799321dab7848f9cfd2baf85edb2
6f5156258b56f2ed3f14de7ed0c238260171cd87cb72d4e64cbb97981ab4823a
7363052bdf84cb83f00981e3bc26c780a7894aea597624eb4f4c7a59f76c0649
7c97607147b09e31e70026e23eb61dc4917b5655e4b03ee103cb50d62f6616a9
7e1030b6b9919efdf0a19b5a3cb9a307b426366addcd6bbf77a4bcf7b88f1d85
7ee28cb927860a7c631dee907cf755234c9e09d8fe8572c1545a635f7a8cd6c9
827fc465991de7b6b3bca6e680baf85ffec8ec10eee53b96a32284614e210f1a
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dbe6727aa5a99c8f0b4e25e71829246ad3bcacdc84a13e6b5b12c8ea6fafc78
922055bf5bc1f090f5f0e4274950311e95e011011ead048a9539b217d68bd47d
9322e45b0091c56d834f4c0face9068f6bccde08e51258fa07028018a9f82b88
9521baeb4d141fc44ed5f0a7288878010fc627ebc6a8ec6092b777a07e6c2036
9566c3356ea3ae7172e0a612f9c78bc6cafb9a57f6d2ffdd3ffcdbf6e583c8fc
99efa94f95887196c5d36a4092fdbcfa58af90696ceca363d4b6f4bff6fa6e8e
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f6bba3004dd1b4962e09e7a1253a7a14ca6b5095bef59627d8d8e7da31b0d5a
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a91a379752ff4e018476599227b259c2eedbb07e9d4dca0a99d43b11fea385ef
abb0f151d2e2ad1541fa3caba64b9563a9a17521ac337f32e295e0f6f97af0bd
ad0096bf81f8bac1f7cf6b9f672fcb756748d30c27e807e6deb9d2cf81a84d89
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021
cbdfdb8b1d8790d129fe77af828546bdfd6db1dc454ad60e791ba4920e5982d0
cefadcb58831cb0fc7bd5988cd1ebeae5ca86c639a373849c6110502c5a6a2c3
d22a320d49ef4f061b01a2b02534239ca91527537ca3f8ebd47f1735f142564e
d6d982c2c6d09f20e8b6d6a47cf400cc7437c372997f771659477edcdeb4c2b0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d821e26847d8c47a1d3238dbdd2c1dfd5794b72c10c29365f34730eec688be9a
d8a9d0ec818fc49487e0d67201503fd4e0892afff0860555c701ecf20e30f7bd
dc9b83ee4aeacf009b67ada83b5b389e1a7e5a22361acc8ac8bea6e64e503b73
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dfb131f3b85a1ad6ac9ce0e50627d69c9f38703d8b81def02af5d565202efc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8809c3ee26a47d6c7aa7320e2963bee4d0f419c1c215ff1b5a254baec1981a7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738
f0897ae616bf008ef346565adbd2cbe148b21c13f28a49b30cd4b6042b0e197c
f4204bd2f6323770b66668c5537da6a338ad7170bc55b8109e7313ddf2f298ec
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a