xblog.tv Open in urlscan Pro
2606:4700:3033::ac43:bc59  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

• https://ntvpforever.com/in/show/?mid=145046064&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1245371274&sid=1876837127&cid=1945&price=0.0004&is_cpm=0&cpm=0&ecpm=0.003887803219365006&crid=10577&crtid=6cdf957019713cf2e72193b5f1b26161&tcid=0&out_id=1&ver=5.5.1&ver_c=&refdom=xblog.tv&hostname=auc-inpage-hz-0-a&site_id=3111757&spot_id=11757&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1644605754&created_at=2022-02-08&is_native=1&auction_queue=0&burl=&pop_winurl=&ip=217.64.151.69&testab=0&px_id=5111757&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=lq&url=https%3A%2F%2Fimg.cdn.house%2Fimg.php%3Fv%3D2%26id%3DeyJpY29uIjoiNjIwMTE3YTBhNjE1My5wbmciLCJ1aWQiOjIxMzAxLCJjaWQiOjEwNTc3LCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6Nzg1OTU1MTk4LCJzdWJJZCI6MCwiYWR2VHlwZSI6MSwidHJhZmZpY0NoYW5uZWwiOjJ9&image_url=&skin_id=2&vertical_id=0&real_bid=0.0001882&pr=&user_keywords=&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=fed57b90-7698-4b34-b05b-9a3af23e68a0 HTTP 302
• https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjIwMTE3YTBhNjE1My5wbmciLCJ1aWQiOjIxMzAxLCJjaWQiOjEwNTc3LCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6Nzg1OTU1MTk4LCJzdWJJZCI6MCwiYWR2VHlwZSI6MSwidHJhZmZpY0NoYW5uZWwiOjJ9

Request Chain 103

• https://ntvpforever.com/in/show/?mid=145046064&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1245371274&sid=1876837127&cid=1695&price=0&is_cpm=1&cpm=0.0199&ecpm=0.01884331&crid=&crtid=5405bc5c7899d4ea00dbff59672bb6e8&tcid=0&out_id=0&ver=5.5.1&ver_c=&refdom=xblog.tv&hostname=auc-inpage-hz-0-a&site_id=3111757&spot_id=11757&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1644432954&created_at=2022-02-08&is_native=1&auction_queue=0&burl=&pop_winurl=&ip=217.64.151.69&testab=0&px_id=3111757&adblock=0&auction_host=&mm=0&yc=0&render_type=mq&campaign_type=mq&url=https%3A%2F%2Fpn.tube911.com%2Fin%2Fin_page_shows%2F%3Fcipaci%3D3711%26cipai%3D1421%26url%3Dhttps%253A%252F%252F12112336.pix-cdn.org%252Fm%252Fp%252F0%252F284%252F284314%252Fconversions%252FcXXYZD6o-minify.jpg%26out_name%3D85625%257C17722%257Ccpm%257C0.0199%257C%2524%2B0.0199%26price%3D0.0199%26bid_price%3D0.0199%26pricebox_price%3D0.0199%26pricing_model%3Dcpm%26is_smart%3D%26domain%3Dxblog.tv%26sp%3D%5BSECOND_PRICE%5D%26country%3DDE%26utm2%3D145046064&image_url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F284%2F284317%2Fconversions%2FY9TT6qdU-minify.jpg&skin_id=2&vertical_id=0&real_bid=0.01884331&pr=&user_keywords=&format=default-slide-b_r-body&cpa=bcf7251d-0524-4413-aa76-aa4822346f7a HTTP 302
• https://pn.tube911.com/in/in_page_shows/?cipaci=3711&cipai=1421&url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F284%2F284314%2Fconversions%2FcXXYZD6o-minify.jpg&out_name=85625%7C17722%7Ccpm%7C0.0199%7C%24+0.0199&price=0.0199&bid_price=0.0199&pricebox_price=0.0199&pricing_model=cpm&is_smart=&domain=xblog.tv&sp=[SECOND_PRICE]&country=DE&utm2=145046064 HTTP 302
• https://12112336.pix-cdn.org/m/p/0/284/284314/conversions/cXXYZD6o-minify.jpg

Request Chain 104

• https://7003.winternewsnow.name/iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebrities%2Cinfluencers%2Cmodels%2Cdaily%2Cupdated&abl=0&fsb=0&pageUri=https%3A%2F%2Fxblog.tv%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Feb%2008%202022%2018%3A55%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1 HTTP 307
• https://7003.winternewsnow.name/iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebrities%2Cinfluencers%2Cmodels%2Cdaily%2Cupdated&abl=0&fsb=0&pageUri=https%3A%2F%2Fxblog.tv%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Feb%2008%202022%2018%3A55%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=pragma%3A+no-cache%0Acache-control%3A+no-cache%0Aaccept-language%3A+de-DE%2Cde%3Bq%3D0.9%0Aaccept%3A+%2A%2F%2A%0Aorigin%3A+https%3A%2F%2Fxblog.tv%0Asec-fetch-site%3A+cross-site%0Asec-fetch-mode%3A+cors%0Asec-fetch-dest%3A+empty%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0A%0A

Request Chain 105

• https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiIxNTIzNjM4NDA2IiwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6MTE4NzUsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIn0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiMTE4NzUiLCJwYWdlIjoiaHR0cHM6Ly94YmxvZy50di8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNzVmNjdkMDIwYTZjMmM0NTYxZDFjYTQ2NzAzNDViMGEifSwiZXh0Ijp7ImR0IjoxNjQ0MzQ2NTU2NzQ2fX0= HTTP 302
• https://rtbbnr.com/banner/in/show/?mid=1716219915&pid=0&site=11875&sc=DE&usage_type=DCH&subid=1523638406&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.039408284023669&ecpm=0.039408284023669&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=xblog.tv&hostname=auc-banner-hz-3&site_id=0&spot_id=11875&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:20:3d00:1011:33f4:4233:4148&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3DIG0BlG2x9mrWqIkjKXOtwyHH2pbug0PobSeaA68sj01mMHrfRcpLPWvjoNeyp0kG3RVRvFAe0vq9FPBQJZY1MqEK5lgyZQHgrtgyaEmVHlF7ZAAqODGeUXIHPu1G1AMDCbGuowo60bwLvCQ8HtmTwHiAxIWKZU-Pczx_POlRQvB5o4wxxIuNzEGsya-_UZZzbdmW0cV-wLtFPmI1Cq2iARegXBIj9IkE-xlEwJuy57GWTYcn-QUJZLUfx6aGPB-EL2EwTMYxrk6swAyzJnlA80QFVgbKjQ2lqjHvyb-dglGavFazAf3hHPaOC_EvWnU8Dk7NSuv9_Y5Mhb8fni9HYodxJ8IxoO4MJHqGeLf1cDy17rAv7FItREWOYQqoZ2EcR3MAi-rxOLeAZTsDqS8ZNePc783_4KFLuLWYqHpm78hsls4lMpacEI5JcEXHNSdxYMPYMi4nNgrqtCJqNmV7ZJpCymMPbQ&pr= HTTP 302
• https://tcimp.zog.link/in/banners?katds_ep=IG0BlG2x9mrWqIkjKXOtwyHH2pbug0PobSeaA68sj01mMHrfRcpLPWvjoNeyp0kG3RVRvFAe0vq9FPBQJZY1MqEK5lgyZQHgrtgyaEmVHlF7ZAAqODGeUXIHPu1G1AMDCbGuowo60bwLvCQ8HtmTwHiAxIWKZU-Pczx_POlRQvB5o4wxxIuNzEGsya-_UZZzbdmW0cV-wLtFPmI1Cq2iARegXBIj9IkE-xlEwJuy57GWTYcn-QUJZLUfx6aGPB-EL2EwTMYxrk6swAyzJnlA80QFVgbKjQ2lqjHvyb-dglGavFazAf3hHPaOC_EvWnU8Dk7NSuv9_Y5Mhb8fni9HYodxJ8IxoO4MJHqGeLf1cDy17rAv7FItREWOYQqoZ2EcR3MAi-rxOLeAZTsDqS8ZNePc783_4KFLuLWYqHpm78hsls4lMpacEI5JcEXHNSdxYMPYMi4nNgrqtCJqNmV7ZJpCymMPbQ HTTP 302
• https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.060340&katds_labels=&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14&ts=1644346556 HTTP 302
• https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14

Request Chain 117

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
19 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xblog.tv/	133 KB 32 KB	798ms 679ms	Document text/html	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.24 Resource Hash 320e7196eb7a126096eb4e03669e9454136bdbed6e84f3a2cca0eda0ba70b505 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 08 Feb 2022 18:55:51 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.4.24 link <https://xblog.tv/wp-json/>; rel="https://api.w.org/" vary Accept-Encoding,User-Agent cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Cl9m00yiC1YCh13pK5RiVSsDfE4FTfx6XLZ8sXRm86Uv0yqnAO%2B%2Fnaawk3hEMrT%2FxeyxthO2KTtKw5q3pgjmbPiEZTA5eu9w25nDmXMRuNMoabr62bWo6LqzvllNyfe0yYoug9cmA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6da71318fdb8216f-DUS content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.min.css xblog.tv/wp-includes/css/dist/block-library/	77 KB 11 KB	37ms 36ms	Stylesheet text/css	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/wp-includes/css/dist/block-library/style.min.css?ver=5.9 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 25 Jan 2022 20:53:18 GMT server cloudflare age 6685 etag W/"1357b-5d66e465c6d53-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20PbxP%2FVjcJCIxcK2pZKQOeV%2FnuLhGX4E9g8MKm3gOM629KocicTBoJik6OmwFpo7XLUWOoMPw8L1%2B%2FSn5UfolNDZiNsaIt3UUixIOZ7YAhrrPJZaEZK%2BtVgFZ0diDDAghoUefCBfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da7131df917216f-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	pagenavi-css.css xblog.tv/wp-content/plugins/wp-pagenavi/	524 B 617 B	34ms 33ms	Stylesheet text/css	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f3fe039d240613055b3ab64f8f7862a63b0f7bd62178f8b3778e0b54fa70315 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jan 2022 20:57:16 GMT server cloudflare age 6685 etag W/"20c-5d48b88573ec2-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwpSLvvV3qhGXl8C3De0dkxgCyqplBLee%2FRQPPBHc%2BGbQ1m601gegQyQgpZyLTaxOnM%2BJGezj2CxRUkSjlnnspEt4hWi179zUh7HZ0px%2Fger6%2Fc%2F2fa5FOtkKTziAWEWHAA5GTRKYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da7131df91d216f-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	38ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8ab6745de70cebc6209b53dd59820a04cbf7f480145c925860a2829ce24be3c2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 08 Feb 2022 16:58:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 08 Feb 2022 18:55:52 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 08 Feb 2022 18:55:52 GMT
GET H2	200	style.css xblog.tv/wp-content/themes/twentytwelve/	35 KB 9 KB	32ms 32ms	Stylesheet text/css	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/wp-content/themes/twentytwelve/style.css?ver=5.9 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6391f860614057ccea2e2ee7bea62e3d5a0f937edbdb3fa4d297df96e33c45f5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jan 2022 20:58:37 GMT server cloudflare age 6684 etag W/"8d6d-5d48b8d2e8892-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzZPBaiwVJMjnE0jIeVMTtIvY423Jnyob72pd8Zf2%2BENUy4g1gCdRbrxmpOom8II0ribAwnY1mLioy9CBjPGKhSSmT5OYDYq%2Ffhkuoq5tK%2BViZlQiC0nMHnla23F2KVlOUz8TNz32Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da7131df91f216f-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	203ms 33ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-90415805-17 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e624367a5dbe460ae38719e5d70a0468ef98438cdeacded5446e8bb2ade74823 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35988 x-xss-protection 0 last-modified Tue, 08 Feb 2022 18:22:08 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 08 Feb 2022 18:55:52 GMT
GET H/1.1	403 Forbidden	07c7a06fcb4d9ff9f578a5cb4138754e.js pl16887576.trustedcpmrevenue.com/07/c7/a0/	0 0	1169ms 112ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl16887576.trustedcpmrevenue.com/07/c7/a0/07c7a06fcb4d9ff9f578a5cb4138754e.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 08 Feb 2022 18:55:53 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3	200	wp-emoji-release.min.js Show response xblog.tv/wp-includes/js/	18 KB 5 KB	32ms 31ms	Script application/javascript	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/wp-includes/js/wp-emoji-release.min.js?ver=5.9 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jan 2022 20:36:34 GMT server cloudflare age 5510 etag W/"4705-5d48b3e4911cb-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9dUqeec00ka%2Fi7X1eL9lGru0sBFWHBDm3fggJmR5yrucoc%2Fm5egCXEPu9%2FWUhTMS4hGrxHnFIMqRW5V0Pmmk6BxQLV7H6mgV3u8MLXPIbeaCezVspWu%2F%2B%2BwPYbNdUf099ZXfbLjbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da71320497c5a13-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	d8aa7988.js Show response fdelphaswcealifornica.com/aas/r45d/vki/1883527/	67 KB 27 KB	60ms 14ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://fdelphaswcealifornica.com/aas/r45d/vki/1883527/d8aa7988.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 8e5b3d6bd6da0d8e298796fd51fa62a011ef04ac607ffdebf493891e8479d213 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding gzip last-modified Mon, 07 Feb 2022 13:58:02 GMT server nginx etag W/"6201256a-10d77" vary Accept-Encoding content-type application/javascript timing-allow-origin *
GET H2	200	61867 Show response 7003.winternewsnow.name/v3/a/pop/js/	15 KB 6 KB	68ms 15ms	Script application/javascript	88.208.59.103 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7003.winternewsnow.name/v3/a/pop/js/61867 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 88.208.59.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash 01b3aedb8ef7d0efbb1ec33b07d8f6dda79fcd7544e88fc1667f0c1fef1e7d5e Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding gzip referrer-policy unsafe-url server nginx access-control-max-age 86400 accept-ch-lifetime 31536000 content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory vary Accept-Encoding
GET H3	200	xblog.png xblog.tv/images/	74 KB 75 KB	29ms 28ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/xblog.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94dddffc991c5e4129459f49fcee7b63e631614cd0626956d675e9a958690773 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 76038 last-modified Sat, 01 Jan 2022 20:56:56 GMT server cloudflare etag "12906-5d48b8728f022" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPBF49nYbGJqL6fCs39z%2FvmS1zGam%2BVnEgjFsH1JP0M8eYr7nGUckZK9eluewUETAgdQGU2HvHI7bhmvW%2F2xCBF%2Fx4XkKb%2BU%2FvEf8iWDV%2F6P1FmwlmT6%2Bl8XzG%2FOoxkj832NTNuDdQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da71320fbe25a13-MXP
GET H3	200	DSCF0006-4-308x410.jpg xblog.tv/wp-content/uploads/2022/02/	16 KB 17 KB	35ms 35ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/DSCF0006-4-308x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 664121968c366ca55f048da3d05280efdd9062031c1079e4f29edd32d5eca17a Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3680 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16590 last-modified Tue, 08 Feb 2022 15:01:02 GMT server cloudflare etag "40ce-5d782fc560398" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocJaMuSeBYogPvaao%2BjDPH2AXG3tMh3cfbEkF6FbQaMNQfulog5efJz2p3n6uZAWNhhLySCpi9I2vvHwH8csif2elLQKY4VMCTNCuyHGOWU77XkajNJj5sscpIlJ8joBYOtzHia27Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da713216d6e5a13-MXP
GET H3	200	fullgallery.png xblog.tv/images/	7 KB 8 KB	31ms 31ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/fullgallery.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a47e165d9a1b39dcefd5c62e88de6987f06837ec4340da971bb2ef321cb02a35 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7503 last-modified Sat, 01 Jan 2022 20:56:59 GMT server cloudflare etag "1d4f-5d48b874d930a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkBgVBS1YdEeyyGGGO88CvTKKEoB5661fLg%2FRT3GfYN9lnOdmNj%2BDP80tbi%2FKF%2BrgMm1C1vjjNFojdAXB3UdIrbuhS5GidCWZFhbnSzrZjq84XZF1ZmQjkJFeN0r4UTHOW%2Bd8hLsZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da71321ae285a13-MXP
GET H3	200	sunset.jpg xblog.tv/images/	91 KB 92 KB	27ms 26ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/sunset.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16693f9adb09d97c236432312a587083edef5393871f523fef78ad3355650c2f Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 93695 last-modified Sun, 23 Jan 2022 17:16:56 GMT server cloudflare etag "16dff-5d64304e08e42" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czHRg5KphzgjTi7uG5gp1agtz15mhXm4n3%2F1Xyk%2Fwy9aOZOjJSOitjVhXcjs6hsP0N9UFaMl%2FxINabHTUEkaG6n0pH5ReouamDi3WOhT92zRY11DWX57UZ6fKp0sqPpfoVP2NZHzcA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71321decc5a13-MXP
GET H3	200	sexychanbanner.png xblog.tv/images/thumbs/	205 KB 206 KB	26ms 26ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/thumbs/sexychanbanner.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0515887247adad3db61ce8e2d5a73c4af1f319f4975dcc9323d555aaf2fba2da Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 210041 last-modified Thu, 20 Jan 2022 17:16:31 GMT server cloudflare etag "33479-5d606a9dff4b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ffDhEqWUrY8d0hXLsZmGFQKaUXALa4IWxlNqutOkiVhEAxizmTWTGDGuViEiECw2n6gbKhLBahmlE%2B5L7jaetRT1Seya6HDN9NAksIm2WpCNMPUuDsqLrIGqCSEcdZH%2F53O7BLs2uA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da713222fa25a13-MXP
GET H3	200	fashionthumb.png xblog.tv/images/thumbs/	196 KB 196 KB	29ms 29ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/thumbs/fashionthumb.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea086970075ac01fabc037e3e4993b2e332be30810a69c7729018d9dbbe4dcd5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3677 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 200422 last-modified Sun, 02 Jan 2022 07:03:48 GMT server cloudflare etag "30ee6-5d4940177efbb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFHA7PKypTvgqRYCFpe0K9kPpjz5S5agmEuIAv%2B%2Fc3vO%2B9WlbeVMKlfzGoCbiQ48VQajTkICgb1%2FHT%2FQqnfdUvFjdcotMzXDn31QSO3y5n8ozbz0YYLmXxtnIaodrSa9SrxXgHuatA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da7132288ac5a13-MXP
GET H3	200	tokyothumb.png xblog.tv/images/thumbs/	171 KB 171 KB	33ms 33ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/thumbs/tokyothumb.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fb4d0e63896500b7fba6fcb69e328bcd1042a9d4054e254a2b85f95b35f0a6b Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 453 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 174877 last-modified Sun, 02 Jan 2022 06:12:09 GMT server cloudflare etag "2ab1d-5d49348bf9f26" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I16lNh5XWVAS2nKfLor3LKSDKlV58wPI84uwVaT7mJX8vM3Y2gJResxkch1nxqwEmR9rL60jEQ1ETGQR77ZdUZUxBDG4O6q%2FiYblmcCWKA4T9LNY6Yz3AnCFmEuX4OmvU7hVnPCDMw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da71322d9c55a13-MXP
GET H3	200	idolsthumb.png xblog.tv/images/thumbs/	211 KB 211 KB	46ms 46ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/thumbs/idolsthumb.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af80d13b3b1bce7cca4ccb79cbf4bc9befc05d2fca542a88a0bdade3e9ed0ef4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 453 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 215565 last-modified Sun, 09 Jan 2022 23:36:28 GMT server cloudflare etag "34a0d-5d52eb06fdb23" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLNZ16q9Cf8VOv7GO5VQQ5PHtEcejudjRrkxGfZRvfJ2KI4THk3XrYnIxS62eGVWtCJHaZR%2FKKquXFjEBuvDS72mGW5vIE%2F8bcHiMMMRkw4R2OWtc%2FYzCF%2Fe%2FpnnrGbXiG7LB8Vjdg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da713232aa95a13-MXP
GET H3	200	amateurthumb.png xblog.tv/images/thumbs/	201 KB 201 KB	34ms 34ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/thumbs/amateurthumb.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cd51605b6689e1605250a80dd00dd827235723dc16ab2860f866a33ad338873 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3677 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 205567 last-modified Sun, 02 Jan 2022 06:33:15 GMT server cloudflare etag "322ff-5d493943a0e1d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67QYB0J9LlmlXKFCh6GPRyqXTZuzWeHgZc7wJ3IIcFcN8anUR8aIjguqGQb0IMWQDgonG0VQCdArgjV64AeT8A580RVJ2VkLdf6aKoM23lE4wN8wPewpa%2BcyGDzLhQjyenJfQjlsfw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da713239c0c5a13-MXP
GET H3	200	xblog2.png xblog.tv/images/	9 KB 10 KB	32ms 32ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/images/xblog2.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d4cd1a356d1476fe632c87a0b33c9c8f758d4886771512df0bdd397f317bcb3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6597 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9222 last-modified Sat, 01 Jan 2022 20:56:57 GMT server cloudflare etag "2406-5d48b873b3002" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObFpihZd3hYsEbpK3KWUR8xBcEvo2C2bik3HHfdRq8YB46CnErgOqwfez9tP6Nmj6X9RJ%2BY1aFeU3tC0DuyNnXgJU5SM2YGtVwuKpPiv17lGxWELlF7U5CZcLL%2FmHeKjGyhjqRc1hA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da71323fd315a13-MXP
GET H3	200	email-decode.min.js Show response xblog.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	33ms 32ms	Script application/javascript	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 08 Feb 2022 10:43:21 GMT server cloudflare etag W/"62024949-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpTw4TOxx9FLLKAspI0H%2FuLY1raqlAzlKE8rvOvTH9jjn4aS2Yc%2Fy%2FuGNx7BQ0AvsP64RMXEeV6Xeh9%2FaK2M1ZzjPFEeNUG7MLNw%2F%2BV80USxGtuYWpAWhHjSS4EdgOqxtt3%2FjnWPGA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da7131e8bc45a13-MXP vary Accept-Encoding expires Thu, 10 Feb 2022 18:55:52 GMT
GET H3	200	navigation.js Show response xblog.tv/wp-content/themes/twentytwelve/js/	863 B 916 B	35ms 34ms	Script application/javascript	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xblog.tv/wp-content/themes/twentytwelve/js/navigation.js?ver=1.0 Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12701b18ff59a06aa1985d1c02d5c36c29f1f4d6926e7f1e32785155f5f2ea53 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:52 GMT content-encoding br cf-cache-status HIT last-modified Sat, 01 Jan 2022 20:57:54 GMT server cloudflare age 5510 etag W/"35f-5d48b8a9dac52-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZPkXtO7M7Qi66D%2FAeCPovCYVV%2Bq711pJxGZyCKyyasZhSntuGkRQE40dS73Ve1klGqRVYVk0dadP1y6XkAJforjLxXDSj8jauUjg97FCTvj5%2BAFv5Zk%2Fd7zOoLO%2BfB48jqVKYn%2FFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6da7131ecc965a13-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	gitgraph.min.js Show response www.premiumvertising.com/	30 KB 9 KB	57ms 14ms	Script application/x-javascript	2a02:6ea0:c700::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://www.premiumvertising.com/gitgraph.min.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 3c1142a2ae20ee38f2ba3e201da2804149159564dc285f2ff3bb5dda68701e2f Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-77-pop frankfurtDE date Tue, 08 Feb 2022 18:55:53 GMT content-encoding br x-77-cache HIT x-cache HIT x-age 196838 alt-svc quic="195.181.175.47:443"; ma=2592000; v="44,43,39" x-77-nzt AcO1ry+7rzH/5gADAA== x-accel-expires @1644754515 server CDN77-Turbo x-77-nzt-ray vtTTJK3aUm8= content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=604800 link <https://premiumvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect expires Sun, 13 Feb 2022 12:15:15 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-90415805-17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3061 date Tue, 08 Feb 2022 18:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 08 Feb 2022 20:04:52 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	42ms 25ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1207538348&t=pageview&_s=1&dl=https%3A%2F%2Fxblog.tv%2F&ul=en-us&de=UTF-8&dt=XBlog%20-%20Erotic%20celebrities%2C%20influencers%20and%20models%2C%20daily%20updated!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=481389140&gjid=1945121105&cid=1781832694.1644346553&tid=UA-90415805-17&_gid=2079820963.1644346553&_r=1&gtm=2ou220&z=757187270 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://xblog.tv cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adp1v3.js Show response cdn1.adcdnx.com/s/	90 KB 34 KB	131ms 53ms	Script text/html	172.66.42.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn1.adcdnx.com/s/adp1v3.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.42.219 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c78d501cca8ae87720b4af08112fdf223e21291fc69d76dbccccd2c901ee3f1d Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 08 Feb 2022 17:47:21 GMT server cloudflare age 4112 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html;charset=UTF-8 cache-control max-age=7200 cf-ray 6da71325bbc9694f-FRA
GET H2	200	login.php www.facebook.com/	0 0	158ms 114ms	Image text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	backgroundwet.png xblog.tv/wp-content/uploads/2022/01/	3 KB 3 KB	49ms 49ms	Image image/png	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/01/backgroundwet.png Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05613216a3c529a104e7f3b94f2c5ff6028116f5e94fdf9fc5b92d0d46d33f85 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3224 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2896 last-modified Sat, 01 Jan 2022 21:00:31 GMT server cloudflare etag "b50-5d48b93f3d339" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9HaazapTRBl8jstVzetXxu0IYkggDUX%2FTfSuSUlTDwrMMmm%2BCsisc1zo4YRJE4sKTuYWMt7%2BMUeIjLgnMt92lnl%2FYoK%2FTy21XBsCpSVV%2BbBF9REtGCrnHTd93ia06%2FsbY49400qMQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6da713258a265a13-MXP
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v27/	44 KB 44 KB	63ms 12ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 04 Feb 2022 09:58:52 GMT x-content-type-options nosniff age 377821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44656 x-xss-protection 0 last-modified Thu, 28 Oct 2021 00:30:43 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 04 Feb 2023 09:58:52 GMT
GET H3	200	DSCF0031-4-308x410.jpg xblog.tv/wp-content/uploads/2022/02/	17 KB 18 KB	44ms 44ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/DSCF0031-4-308x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6203336106b298e7e666152fe80ad7cd7c891b48c76e3c1da86bbdd56feb1738 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3681 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17388 last-modified Tue, 08 Feb 2022 15:01:52 GMT server cloudflare etag "43ec-5d782ff4ee0d8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNSwH6OopytA%2Fv2ZYdomE2vZgx9z0zHI9JdU2r1%2BReMAlvXL1rv7DyL%2FOd8fCRjaK%2FM%2FHioLwSIqUH2SYMGyRzUtf8lLoON69GEnXttgNRSiuH3uI9IFF59iTzmAffemRQWrJvhkrw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325ba975a13-MXP
GET H3	200	DSCF0058-4-308x410.jpg xblog.tv/wp-content/uploads/2022/02/	18 KB 18 KB	46ms 45ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/DSCF0058-4-308x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec2728c09879d0f0d4b213ec4075abad7f4ffd193e6634a8ff5a540957dd99aa Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3681 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18129 last-modified Tue, 08 Feb 2022 15:02:45 GMT server cloudflare etag "46d1-5d7830277e250" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ%2BN5rzcv%2BH164j1dOeWlLCa4i%2FBlh2VrtkkcTBiPVBNMk%2Bjzwb%2F9FA6vqnxCkHfmjFoSA8WO44cRZPB%2Blo%2Bcdng9ocQoakr%2BddPrf3Ygj2eL8Q%2B83o1CFWV1Zt9M0zMZ80wSba3lQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325ba9c5a13-MXP
GET H3	200	DSCF0068-4-308x410.jpg xblog.tv/wp-content/uploads/2022/02/	18 KB 19 KB	48ms 47ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/DSCF0068-4-308x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42952098dd12bee00ec548318dbf86f0ca516da5e7c1009e6c7380f790d335cd Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3681 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18581 last-modified Tue, 08 Feb 2022 15:03:05 GMT server cloudflare etag "4895-5d78303a88698" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw%2BSf8xWA4PZV62mGE1%2BY613AxhUyGLshl%2Fm1aDKT7%2BtKTthhbK7cUp7CXwQ0K6lnLQi93HQcJx3tJ2S1nHDL1JkQFsOrju4MRGarumSHNvbIR4BR7Elq1qobNxW2TC8Xl5mR3k1CA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325ba9e5a13-MXP
GET H3	200	fm-09-16-025-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	23 KB 24 KB	50ms 48ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-16-025-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bd0d8388492567e3e6fd642b0b1d8d8d0a9c6051333f77497366f8bd52908e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 474 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 23780 last-modified Tue, 08 Feb 2022 10:22:14 GMT server cloudflare etag "5ce4-5d77f17437322" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bi%2Be0cPJBxnpWEr6Yw9IHCd%2BA1KqVi2Gi9EeNOjXOb7mVFpWZwYxEtouKOwjkn%2BUbibvDGK1yF8tugCFWgOe2XBAhIztu4SF7KqtKikzVI1oH2VvswpuMkVBWpRnmO1dio%2BqOHNtOA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325baa35a13-MXP
GET H3	200	fm-09-16-037-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	21 KB 22 KB	52ms 50ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-16-037-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c321627fd423822ca7c455452cd97b85138a65d0db08bcdd5455e78926a18f04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 474 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21859 last-modified Tue, 08 Feb 2022 10:22:29 GMT server cloudflare etag "5563-5d77f18272c02" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqOB7OSrNwU%2FekXh9kOzeSRUedn2j6UCBX6eneoMWbPvUvdc3P9X5RwA2eHz8d1j7ZFtdz6qWiSSTtxtJybPidrALCBqttNfpBiJlot9%2Bbs8cPTNeJHBKNq17q%2BLtC0VUlh3JmIzHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325baa85a13-MXP
GET H3	200	fm-09-16-060-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	16 KB 17 KB	73ms 71ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-16-060-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67f31e57b45a0171fef889c8341eaa5e724adb9545fe52ca596a032693bdf1f1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 474 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16860 last-modified Tue, 08 Feb 2022 10:23:01 GMT server cloudflare etag "41dc-5d77f1a11d562" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNmoRayEz7GTqwQEhnnKJfsKT%2F%2BMVMqmSa%2F5OvI8DrrrJp86PrDdBjF8a8Fd%2FYI6d%2BHsVqUj9R%2FzAS%2FNDIxKK8%2B6fVH%2Bv3NfXabO3ejRq2ALLYmZV9Z9klBrlRcqQhLaDOZdVkv9MQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325baaa5a13-MXP
GET H3	200	fm-09-16-082-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	21 KB 22 KB	55ms 53ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-16-082-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14c7911088d1f095eb43e012444d8376fa65615dc493ec5f7c38ba3b17e12f0a Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 464 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21581 last-modified Tue, 08 Feb 2022 10:25:27 GMT server cloudflare etag "544d-5d77f22ba91c2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bs%2FilW7dQ3BUMX5uL2TTJK%2Fa6xhB7zH5tv5NIvYX9rpCJQWVHLQh9PHSaQ1%2FYSG3euOOzE8Ci7FWUQzZLRcQjsp59Vf6HkgIYnlNlv9oakjDE1WUe7zqn3Lg1s%2BQK5Kr6GzmRdXB9Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bab05a13-MXP
GET H3	200	sd-009-067-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	18 KB 19 KB	72ms 70ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-067-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9027dd24a5fcdfe8dcb02a3e60c382f7c54563398436515892c77bacf0a1dfaf Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 473 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18789 last-modified Tue, 08 Feb 2022 10:24:55 GMT server cloudflare etag "4965-5d77f20dcd112" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2B%2Fh2suIApOXBlPD3Dd1QkoKPO%2BZ4L4HbTDdBkFzhNx3sHRILdxhQgmdMZNC9BUFqyGu3lrAc7DL4W2sVIfY11VWtZMjo0crQrzhk%2FjIqWe1o17ZwYG2IJYwl2z3t292nVoM7mPsw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bab45a13-MXP
GET H3	200	sd-009-064-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	21 KB 21 KB	55ms 54ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-064-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90b0498130a137a75e5a1d4e181269c160e4b1772c1b06a527ef2757aae53269 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 473 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21243 last-modified Tue, 08 Feb 2022 10:24:40 GMT server cloudflare etag "52fb-5d77f1ffc3ce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O%2FRyyrVCOkmpgyvSeB9O9iYSUD1VPkPOipccrsev3ZTrSLaK51ZhIW03vtjRWtzmjzVf0aE8HUMh91ZoP%2BC5P042wkcBCal7HbeA2cfKFO5GUJ4qBnYFHNzuc4WdpdWNSIOqjRuVQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bab75a13-MXP
GET H3	200	sd-009-062-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	18 KB 18 KB	70ms 68ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-062-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 982ad7804e2a7a34c713590700281a66d049b98c80c5aeb9aa444ea6dfd9bf95 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 464 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18049 last-modified Tue, 08 Feb 2022 10:24:36 GMT server cloudflare etag "4681-5d77f1fbf0502" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoNGy2hkvNgeDZgOv7O4AI6o2lsrtFZIuj3dM7QgSpCb7bJsarFw%2BfasJiUEZHW3hCNcD%2BbwteFyOhIMhWPbf5sWpt8W0%2BSWseO2bklyuthddBmLvelRW3e%2BnwMBRNh3CZH5udQMDw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bab95a13-MXP
GET H3	200	sd-009-052-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	19 KB 19 KB	57ms 56ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-052-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6059a5b2ba22c5c077c63d254f9f8994e75f250b4b9262e3d371c00bdfc61997 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 464 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19360 last-modified Tue, 08 Feb 2022 10:24:21 GMT server cloudflare etag "4ba0-5d77f1ed81002" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHkcrVbQn2zYcqu9fhItXs3ZJlxW0CYZfkSI%2BG3HTvVuGtD%2BrOsvGHtzBA5Di543CxMcEbqSPufaWfXosj49SOcLqeXHjzXOx8bxHcIfPAn%2B2FXghmT6a3Q08aPvKssRqS0goaxItw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325babd5a13-MXP
GET H3	200	sd-009-039-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	16 KB 17 KB	100ms 98ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-039-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2815b56dd85fe2a1e8355bcd8ff3c6e57513a5e68e1049e235623bf748504464 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 464 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16583 last-modified Tue, 08 Feb 2022 10:24:06 GMT server cloudflare etag "40c7-5d77f1df14dca" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKBg1T1AlAl%2FQpQTCD9Nq5A8feYMjEKXkT9v6S43Gw%2BCFs39vSAK2JUpStFnLfLjLrWQj30UKoHiJUIeGjdeRKbF0%2Bf1BhrftDckDn24KK1yKp8H0%2BGXfJMAri%2FRkzjNYr%2F9UQW%2BGQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325babe5a13-MXP
GET H3	200	sd-009-015-272x410.jpg xblog.tv/wp-content/uploads/2022/02/	21 KB 22 KB	58ms 57ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/sd-009-015-272x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03919d44cdc2bcb8b7d2cbbf7a8e69113eafc33ddb65bc4cb5b0d48302b41e78 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 463 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 21707 last-modified Tue, 08 Feb 2022 10:23:27 GMT server cloudflare etag "54cb-5d77f1b9defba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyshXPksf%2FMJ9b9Y7RTZucY9ukU6EHlOScx%2B8PWPK1ACtvLDzcITxFRIejB6MpklCdOtz%2BCOi14%2B4iVkhXOVN10jUQ8DI0J2qnxDLmnHginYCQ4rUakff2QdsxLzYYuZ5wBWoGdHxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bac35a13-MXP
GET H3	200	fm-09-15-008-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	22 KB 23 KB	72ms 71ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-15-008-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d422f88bd4c3f9056da698c1f3a63a8929c5c4ab126e50e99c091f3baf8c0169 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 470 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22935 last-modified Tue, 08 Feb 2022 10:15:06 GMT server cloudflare etag "5997-5d77efdc0fa5a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuOHMRivZ2WvcvN2VleYJE9swlRNPmkUNStjAcdQEfdnCvBSTBSJJJA5N3o4Dqt7k7B5%2BdI6%2BWNZVys9F6UVoqJp8rQgGkc%2FPKoK2es%2FZC8I5ItCemQoO7AyQYNGml%2BeyKIHl5G92Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bac65a13-MXP
GET H3	200	fm-09-15-003-273x410.jpg xblog.tv/wp-content/uploads/2022/02/	28 KB 28 KB	60ms 59ms	Image image/jpeg	2606:4700:3033::ac43:bc59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xblog.tv/wp-content/uploads/2022/02/fm-09-15-003-273x410.jpg Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:bc59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 772284218392a2009ccf4f22eef25d48d2baef27a60ff32dc12861b6c09abad1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 470 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 28499 last-modified Tue, 08 Feb 2022 10:15:00 GMT server cloudflare etag "6f53-5d77efd5c645a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf2W%2BHWGDBhZq0EKDgrb%2BzeGQIzVKwXTbC0kryMfHvYDuAityqjSFdh2ek9up0KcS76m6JMSweI93wjtOW6Cm%2Fb4RT7dhPDnbuTuKkyjI0nDZDYLvKEOBXfqDCMApAqbJuAITggs6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 6da71325bac85a13-MXP
POST H2	200	solid.gif fdelphaswcealifornica.com/	43 B 145 B	15ms 14ms	Ping image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://fdelphaswcealifornica.com/solid.gif?z=1883527 Requested by Host: fdelphaswcealifornica.com URL: https://fdelphaswcealifornica.com/aas/r45d/vki/1883527/d8aa7988.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 08 Feb 2022 18:55:53 GMT x-route-id stats.tag.loaded server nginx timing-allow-origin * content-length 43 content-type image/gif
GET H/1.1	200 OK	ocounter.php Show response freehostedscripts.net/	183 B 1 KB	347ms 290ms	Script application/javascript	188.114.97.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freehostedscripts.net/ocounter.php?site=5661086&e1=&e2=&r=&m=0&wh=1600%20x%201200&a=1&pn=https://xblog.tv/ Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.3.10-1ubuntu3.26 Resource Hash d7aede6db11b0ce0685d86efa49c0b339ee9970759309785518992bbaf090b08 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Content-Encoding br CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/5.3.10-1ubuntu3.26 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache last-modified Tue, 08 Feb 2022 18:55:53 GMT Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCXEpvIsfhOEiUhyXxSkSCLfD%2BGGoVA0fjQBjf2bmGh3Fa8DmZL1h41viAfksKQJcam8gIC1HC%2B95MRXwbJaKd8qLXkqFq6zl2d24KN4%2BXHyNk06cLUSvkxhA7p3akodI6xzzoJOVOA%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 CF-RAY 6da7132638b89174-FRA expires Tue, 01 Jan 2000 00:00:00 GMT
GET H2	200	213625dc1e4d87bb8be458a456aa4588.js Show response 7eeb1771b0.86b16730f8.com/	80 KB 29 KB	136ms 7ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Tue, 08 Feb 2022 09:44:38 GMT server nginx/1.18.0 etag W/"62023b86-13e4c" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	/ Show response c.adsco.re/	62 KB 22 KB	126ms 36ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: www.premiumvertising.com URL: https://www.premiumvertising.com/gitgraph.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding br cf-cache-status HIT server cloudflare age 5846221 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 6da713269b903762-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 11 Mar 2022 18:55:53 GMT
GET H2	200	1883527 Show response fdelphaswcealifornica.com/get/	3 KB 2 KB	22ms 22ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://fdelphaswcealifornica.com/get/1883527?zoneid=1883527&jp=_clexkwp1j4yd5iur0lzugn&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=0 Requested by Host: fdelphaswcealifornica.com URL: https://fdelphaswcealifornica.com/aas/r45d/vki/1883527/d8aa7988.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash e62a111f46059e3aa14495a038d65b8e6f4d24d27c82b235cf997b6605056269 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-encoding gzip date Tue, 08 Feb 2022 18:55:53 GMT x-route-id config server nginx timing-allow-origin * vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	rci Show response wxhiojortldjyegtkx.bid/	1 B 583 B	229ms 197ms	XHR text/html	104.21.35.164 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wxhiojortldjyegtkx.bid/rci Requested by Host: cdn1.adcdnx.com URL: https://cdn1.adcdnx.com/s/adp1v3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.35.164 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:53 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/html;charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j43hNgzkMEkzefm9bBfhLe9BHs0oETQj%2FlaaCbVLxVAvlQgi2%2B52Y%2BSysIomir297O0DIvzJU0yHaRAH9h81ncF3bCZKV6ri%2F7e5Ae4lKNy8Hxkw2iJqBq4WCoAX8bt17TN8iZO3MWWi"}],"group":"cf-nel","max_age":604800} cache-control no-transform,no-cache cf-ray 6da713267c0a9259-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1
GET H2	200	/ Show response baradoot.com/ssp/req/1883527/	7 B 207 B	65ms 12ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://baradoot.com/ssp/req/1883527/?pb=e934cb3b77da627e0dc193f842697a781644353753&psp=fDiC4kFkkWmnEeUZwZagj-O5r3LgK9NOBTXzj4MA5g_2bSQwaxPfgkeWfFu4PaYg2urpa8QTEfKC8qkHMroehPyJtOpk8cq8WiwyupnOj2ivko3e8oszxJfGKzHCYFG_ZEOT9Z7eAQSSBO1jIOkUFnwoPX_l0cBGy8y5dX8JDxQJX4IduQu2EhCAbaGzlXk-dZEf_hOYW66AyWyK6mW9EoX6LWz6QlXE2qaYG9ftG08cyT6NxYi0MT1JS3JIsP_GRun4tmzLyYH_LqRia7Uh-QK_PcjYBbYKXsdxwQ0mkV9k6Q-XhgBfuor4jQcr3F60W7ZYhVjpHkZnZfk0y07pdp0J9fpZ0iXynvCK7Ya3A7gaMIP3k5Qt5oeE2BjJLQwQfDdmqDx9vSsj_4AtzryGpVJkcLp9QcSD6JSxG2DGPAaqJoQYG2dHPmpQ5ZXZ2ktx90WXkiDnKr9-8ykqHO9AtV4XY7rSFsjIoFfXio-VzUjMUQ==&cb=_clcf5m6gn3nk39rytcz6l5&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24 Requested by Host: fdelphaswcealifornica.com URL: https://fdelphaswcealifornica.com/aas/r45d/vki/1883527/d8aa7988.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT x-route-id ssp.bet server nginx timing-allow-origin * content-length 7 content-type text/javascript
GET H2	200	/ 6.adsco.re/	0 417 B	123ms 39ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://xblog.tv access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 6da713275e8f5995-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	/ 4.adsco.re/	0 455 B	137ms 23ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://xblog.tv Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
POST H/1.1	200 OK	p Show response adsco.re/	0 417 B	101ms 34ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK lon223 Access-Control-Allow-Origin https://xblog.tv Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 4.adsco.re/	46 B 455 B	106ms 31ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 48d49a8a7e3accb815b7022a98c3b46b487b518f4cb79b68c08b3d7320e827ee Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://xblog.tv Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	/ Show response 6.adsco.re/	69 B 111 B	108ms 40ms	XHR text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e983807829f5fed1f39c726f475ede61d17722f8a50b07d7dbc623e25bb2446 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding br server cloudflare access-control-allow-headers Content-Type expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin https://xblog.tv access-control-max-age 2592000 cache-control private, max-age=10 cf-ray 6da713275e8a5995-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H/1.1	200 OK	/ nomtstpefxld.l4.adsco.re/	0 464 B	104ms 29ms	Ping text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://nomtstpefxld.l4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ nomtstpefxld.n4.adsco.re/	0 464 B	366ms 85ms	Ping text/html	38.132.109.186 M247
General Check archive.org Show headers Download Go to Full URL https://nomtstpefxld.n4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 38.132.109.186 New York, United States, ASN9009 (M247, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Last-Modified Mon, 30 Jul 2018 15:32:42 GMT ETag "5b5f2f9a-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
POST H/1.1	200 OK	/ nomtstpefxld.s4.adsco.re/	0 464 B	1397ms 167ms	Ping text/html	185.200.116.90 M247
General Check archive.org Show headers Download Go to Full URL https://nomtstpefxld.s4.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB), Reverse DNS no-mans-land.m247.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 08 Feb 2022 18:55:54 GMT Last-Modified Mon, 30 Jul 2018 15:38:01 GMT ETag "5b5f30d9-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H3	200	/ Show response c.adsco.re/ Frame 597F	62 KB 22 KB	104ms 40ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-type text/html cache-control public, max-age=2678400 link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch expires Fri, 11 Mar 2022 18:55:53 GMT etag W/"2Ma3006J78KgzL0RD+7gUg==" cf-cache-status HIT age 6309548 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 6da713275e2ee8f7-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		/ 6.adsco.re/ Frame 597F	0 0
GET H/1.1	200 OK	/ 4.adsco.re/ Frame 597F	0 457 B	25ms 24ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://4.adsco.re/ Requested by Host: xblog.tv URL: https://xblog.tv/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c.adsco.re/ Origin https://c.adsco.re Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Tue, 08 Feb 2022 18:55:53 GMT Content-Encoding gzip Access-Control-Max-Age 2592000 Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://c.adsco.re Cache-Control private, max-age=5 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Headers Content-Type
GET H2	200	5368 Show response 7eeb1771b0.86b16730f8.com/22b683e45eb8b78058f9ff6485863c7d/	3 KB 1 KB	8ms 7ms	XHR application/json	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/22b683e45eb8b78058f9ff6485863c7d/5368 Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash f3c0d5f7472eae9492e637622b9b11ac0ab1e0356ac970d73057950217db5cbf Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip server nginx/1.18.0 content-type application/json access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	wp-banners.js Show response js.wpadmngr.com/npc/sdk/	0 238 B	35ms 6ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/npc/sdk/wp-banners.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT last-modified Fri, 20 Aug 2021 15:14:31 GMT server nginx/1.18.0 etag "611fc6d7-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H3	200	/ Show response c.adsco.re/ Frame 597F	62 KB 22 KB	43ms 43ms	XHR text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://c.adsco.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding br cf-cache-status HIT server cloudflare age 6309548 etag W/"2Ma3006J78KgzL0RD+7gUg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html link <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch cache-control public, max-age=2678400 cf-ray 6da71327ff7ce8f7-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 11 Mar 2022 18:55:53 GMT
GET		/ 4.adsco.re/ Frame 597F	0 0
GET H2	200	track Show response 5ad970a7c3.86b16730f8.com/in/	0 199 B	137ms 16ms	XHR text/plain	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://5ad970a7c3.86b16730f8.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI5MDM4NDEwMDIyNzI1NjkzMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTUuMCIsInRhZ19pZCI6NTM2OCwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowfQ== Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:53 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers * content-length 0
GET H2	200	6bd1a678011c5d309210b533d84a4f72.js Show response 7eeb1771b0.86b16730f8.com/	40 KB 14 KB	9ms 9ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/6bd1a678011c5d309210b533d84a4f72.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 4376870644c48376d2c1ccce827699473478736228d83f0e52834f241594ae32 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Wed, 02 Feb 2022 06:09:05 GMT server nginx/1.18.0 etag W/"61fa2001-a1da" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	c98a66caec9aa0c4e9d0d2d993aed504.js Show response 7eeb1771b0.86b16730f8.com/	39 KB 14 KB	10ms 10ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/c98a66caec9aa0c4e9d0d2d993aed504.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 79f71c0bc04552661a5069cb22f1f176e4544c625123d3b122d10feede98d675 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Fri, 04 Feb 2022 11:53:00 GMT server nginx/1.18.0 etag W/"61fd139c-9cf0" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	5129a836c111efd72de8257c4ed706a6.js Show response 7eeb1771b0.86b16730f8.com/	24 KB 6 KB	20ms 6ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/5129a836c111efd72de8257c4ed706a6.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e24ee213782f6ed0de472f2a8b9374799b9a79643d466133d7a10a81383aa039 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Wed, 02 Feb 2022 07:44:44 GMT server nginx/1.18.0 etag W/"61fa366c-6155" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	build.m.js Show response js.cabnnr.com/banner-admanager/	27 KB 10 KB	35ms 9ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.cabnnr.com/banner-admanager/build.m.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash 30ede1cc228043f44ef4cecd2425dc96d593c947fb150be39b5382c9f943f94b Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Fri, 04 Feb 2022 11:43:04 GMT server nginx/1.18.0 etag W/"61fd1148-6aa1" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	945dc8e840cb2afccab594d2aae53a2c.js Show response 7eeb1771b0.86b16730f8.com/	89 KB 28 KB	11ms 10ms	Script application/javascript	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7eeb1771b0.86b16730f8.com/945dc8e840cb2afccab594d2aae53a2c.js Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/213625dc1e4d87bb8be458a456aa4588.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 59f5dd4074b0d19575dda056dde0973134d0301a3e7e78c9a52e06d698183a88 Request headers Referer https://xblog.tv/ Origin https://xblog.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:53 GMT content-encoding gzip last-modified Mon, 07 Feb 2022 13:11:41 GMT server nginx/1.18.0 etag W/"62011a8d-162f7" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 08 Feb 2022 19:00:53 GMT cache-control max-age=300 x-proxy-cache HIT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1207538348&t=timing&_s=2&dl=https%3A%2F%2Fxblog.tv%2F&ul=en-us&de=UTF-8&dt=XBlog%20-%20Erotic%20celebrities%2C%20influencers%20and%20models%2C%20daily%20updated!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2619&pdt=150&dns=44&rrt=0&srt=679&tcp=73&dit=2199&clt=2199&_gst=1311&_gbt=2016&_cst=968&_cbt=1307&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1781832694.1644346553&tid=UA-90415805-17&_gid=2079820963.1644346553&gtm=2ou220&z=2004655710 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 08:06:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 38968 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	multy Show response 1f5aa5ef25.86b16730f8.com/in/	7 KB 7 KB	242ms 124ms	XHR application/json	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://1f5aa5ef25.86b16730f8.com/in/multy?spot_size=4&spot_id=2574&subid=1075472806&label=1&session_id=00903051-cb0f-4a83-916d-dd517e2c7d58&cpa=1e67f8eb-a67f-4469-b939-fc982b3bfbbb&ver=6.1.0&adblock=0&ad_type=native&iw=225&ih=65&iframe=0&mm=0&pr=&utm_source=&utm_medium=&utm_campaign=&utm_content=&campaign= Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/6bd1a678011c5d309210b533d84a4f72.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.0 / Resource Hash c378fcb4c7daa56b50e1b25edb9c099bd87573a228f9e4503e50c86fd4defa08 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Tue, 08 Feb 2022 18:55:53 GMT cache-control no-cache, no-store, must-revalidate, no-transform server nginx/1.16.0 content-length 6858 content-type application/json; charset=utf-8
POST H2	200	/ Show response puwpush.com/get/	997 B 1 KB	641ms 612ms	Fetch application/json	2a01:4f8:c0:2306::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://puwpush.com/get/ Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/c98a66caec9aa0c4e9d0d2d993aed504.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2306::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.16.0 / Resource Hash 18f505a68e14f0795b229760b6d450ddf6fe4bea4646d5304fbb193d1155ec8e Request headers Referer https://xblog.tv/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:54 GMT server nginx/1.16.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers * content-length 997
GET H2	200	dip Show response nereserv.com/in/	0 193 B	42ms 10ms	XHR text/plain	168.119.25.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=1f0bc9a4-888c-4cc6-b53a-0285b526cd4a&subid=1245371274&sid=1876837127&spot_id=11757&created_at=2022-02-08&timezone=0&ver=5.5.1&is_native=1 Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/945dc8e840cb2afccab594d2aae53a2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.22.25.119.168.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:53 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers * content-length 0
GET H2	200	multy Show response ntvpinp.com/in/	6 KB 6 KB	801ms 775ms	XHR application/json	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpinp.com/in/multy?wl=1&event_id=1f0bc9a4-888c-4cc6-b53a-0285b526cd4a&subid=1245371274&sid=1876837127&spot_id=11757&created_at=2022-02-08&timezone=0&ver=5.5.1&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-slide-b_r-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&after_video=0&tu=1&mm=0&default=1 Requested by Host: 7eeb1771b0.86b16730f8.com URL: https://7eeb1771b0.86b16730f8.com/945dc8e840cb2afccab594d2aae53a2c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 041bccb23707fc8057eb8e757cf0d5b79d171647f149a379ebaa604a2c574ba6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:54 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers * content-length 5980
POST H/1.1	200 OK	p Show response adsco.re/	363 B 859 B	44ms 43ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash cfef45c142db3f29dfcb46cf0c117c5654c6bcf664823c59a3505944979ed290 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers AS-P-G OK Date Tue, 08 Feb 2022 18:55:53 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK lon223 Access-Control-Allow-Origin https://xblog.tv Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET H2	201	/ 1f5aa5ef25.86b16730f8.com/in/show/	0 82 B	35ms 20ms	Image text/plain	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://1f5aa5ef25.86b16730f8.com/in/show/?&cid=742&session_id=00903051-cb0f-4a83-916d-dd517e2c7d58&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.eyJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImFkX3Bvc2l0aW9uIjoxLCJhZF90eXBlIjoibmF0aXZlIiwiYXVjdGlvbl9pZCI6ODE1NzQ3MDEwLCJicm93c2VyX2ZhbWlseSI6IkNocm9tZSIsImJyb3dzZXJfbmFtZSI6IkNocm9tZSA5NyIsImNhbXBhaWduX2lkIjo3NDIsImNvdW50cnkiOiJERSIsImNwYyI6MCwiY3BtIjowLjAwNywiY3JlYXRpdmVfaWQiOiI4OGY0NWRmNThmNWMxMjRlZmQzNmI4MzBiYTE4M2E4OCIsImVjcG0iOjAuMDA2Nzg0Mzk5OTk5OTk5OTk5NSwiZXh0X2NyZWF0aXZlX2lkIjoiMjI3NzEyOSIsImZyb21fc3RvcmFnZSI6ZmFsc2UsImlhdCI6MTY0NDM0NjQ4NC4wOTQ3ODUyLCJpcCI6IjIxNy42NC4xNTEuNjkiLCJpc19jcG0iOjEsIm9zX2ZhbWlseSI6IndpbmRvd3MiLCJvc190eXBlIjoiY29tcHV0ZXIiLCJyZXNwb25zZV9zaXplIjowLCJybiI6MSwic2Vzc2lvbl9pZCI6IjAwOTAzMDUxLWNiMGYtNGE4My05MTZkLWRkNTE3ZTJjN2Q1OCIsInNpdGUiOiJ4YmxvZy50diIsInNvdXJjZV9pZCI6MTA3NTQ3MjgwNiwic3BvdF9pZCI6MjU3NCwic3BvdF9zaXplIjo0LCJzdWIiOiJhdWN0aW9uLW5hdGl2ZS1wcm9kIiwidXJsIjoiIiwidXNhZ2VfdHlwZSI6IkRDSCIsInVzZXJfaWQiOjI3NTY3NDk2ODQsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9zb3VyY2UiOiIiLCJ2ZXIiOiI2LjEuMCJ9.1H5mLvvvM9cYjkdHDOJAAo-hXahgCos3YQ5pOhp6qe8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Tue, 08 Feb 2022 18:55:54 GMT server nginx/1.16.0 content-length 0
GET H2	200	p.gif pxl.tsyndicate.com/api/v1/p/	35 B 133 B	40ms 12ms	Image image/gif	136.243.43.25 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQRA2INWiUoWGjhRgcOMi0oJEjBo0WOXDckBGSDI4YMGDcIGOGhowcIhSOcTPn4AwZNhSGqTPGIcoaN2jcgJFSpggxacj8jBF0aFEYR8OQsXMwJY4ZNRTCqSPGqoyKOgfCgXMQh42cCufAMahjRg4ZJHHAUFgGD50va9uKkOH06Jg2Zd3GIElD68CWB9EqFOPGzUEZcW_EgKmwjZuGOmjE8Lj1cmbCKsXWkcMGcg0bN2wMVVhHhkM0dOjAmaPjxQs6csascZHGjZk3L8yEMWNDjJkYYi7mIBODIwywIWGIcR7DRgwzN97iyDHj4w8yZeykGVPmC508cMr0gDKESx2VOd_M6XHFN5k3d-aASPk-vnE58pujDDl6GAKNANsowz_obBgjDDnkSIPAHhjM6cHAwkjjDDe-UKoH7wqrwUIb5kiDDvPQmI-OHuiYow6y2MjDhTHeaINE4ORoIwwW3eAxDTsWhK_BqdZ6Ay8fFezBiR-DJHGqHoIggoYvfKQDyDJaCMMxIf9bo4w87nhDDjLoI7HGOViEwYWizmSDvDU-HCKNKGJwgooq7DyiChicSCOGNJ4gAo01mKAiihqaOJSOJ6g4Y4Ym0oChBi2IOAOPJogIYgYtjsgChibUWCOKoqLIYo42ijgDByfcsCMIKobIQQ40mqAhjeKWCKKKMwxtoUMh7viijirEIIIJJJI4Cr82HHIRRjhkpNHGv3g8aIvIuthKN6uynFShN-DgFiFvDzvuoDVVOmwMONr4QlyfdEh3JYXksEOwGegSoQx2m5WXzYREqKOONBwiY7OTxiBDJDNUEkMGGCYSSaUcROLXDBxeuqGMo9IQjC_CXFjNhaZiEDmm1sJwqIk39EiDDTbCeKEGNkFAwT438NMPhDv5S3cHEHBeDWg8VksBhCBiLOOKMsRY4sSZZ7jBhRlssHkJJKhoggkWQHjzSxCO4HeNN44-MMEyXshh6jUrgsuFyUCYgjgI04h66qr_ilcEIoo4aswvxti776PYGNxvhcKz4ws5yjANoaBqaCpjlerl8KC1aUhcvC_EkMOszRdv442ldJABJc1FICNAq8C1SbNt38AjD8gSz-MxHXKrowy17HUoQDp4HLOFOtw4kSMcXCBjjBuW3Tu8L5ZvXiE6_LWOBhpmqAiiGahv4zWEVst--xpmwEGinchgvIy1vrA2fOy1t4H7uhYPgw0CXbw2K20HEmOv8AynDmwwyFYMh66ZtGtxcvjRG1ongjGABgZ9UEBAAA%3D%3D&r=1&s=ac525b0a0919a4d6c2da57c7bae10cc3edc5f44cac0f18b63725509fabb843b31644346553&w=t Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.43.25 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.25.43.243.136.clients.your-server.de Software nginx / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT server nginx x-robots-tag noindex, nofollow content-length 35 content-type image/gif; charset=utf-8
GET H2	200	main.jpg lcdn.tsyndicate.com/images/6/8/12d191127bd5c376606cd1b041e9633fd01811/	108 KB 108 KB	67ms 11ms	Image image/jpeg	67.27.158.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/6/8/12d191127bd5c376606cd1b041e9633fd01811/main.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.158.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash f80d16c30f10378f0b6cf4e8621370fb6461dc2b15567f54c20540fc64ab08ea Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT content-encoding gzip last-modified Tue, 13 Oct 2020 14:39:05 GMT server nginx age 28260448 etag W/"5f85bc09-1b1fb" vary Accept-Encoding content-type image/jpeg accept-ranges bytes x-robots-tag noindex, nofollow content-length 110630
GET H2	200	11.jpg tn.voyeurhit.com/contents/videos_screenshots/31000/31484/240x180/	11 KB 11 KB	47ms 7ms	Image image/jpeg	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tn.voyeurhit.com/contents/videos_screenshots/31000/31484/240x180/11.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 36c5f1179ed0197ba050a760f6f039ede3a3ff04edbe8696ae9ae2caefd7d048 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT last-modified Mon, 04 Aug 2014 14:48:12 GMT server nginx/1.18.0 etag "53df9d2c-2b33" content-type image/jpeg access-control-allow-origin * expires Mon, 09 May 2022 18:55:54 GMT cache-control max-age=7776000 accept-ranges bytes content-length 11059 x-proxy-cache HIT
GET H2	200	3.jpg tn.voyeurhit.com/contents/videos_screenshots/31000/31511/240x180/	12 KB 12 KB	53ms 12ms	Image image/jpeg	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tn.voyeurhit.com/contents/videos_screenshots/31000/31511/240x180/3.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 264e16fa5aafefe1e2d22c62b4783af1e30217602c9881e4d3b12ce954403a26 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT last-modified Mon, 04 Aug 2014 15:47:04 GMT server nginx/1.18.0 etag "53dfaaf8-2faa" content-type image/jpeg access-control-allow-origin * expires Mon, 09 May 2022 18:55:54 GMT cache-control max-age=7776000 accept-ranges bytes content-length 12202 x-proxy-cache HIT
GET H2	200	1.jpg tn.hdzog.com/contents/videos_screenshots/2122000/2122787/300x169/	24 KB 24 KB	57ms 6ms	Image image/jpeg	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tn.hdzog.com/contents/videos_screenshots/2122000/2122787/300x169/1.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash e1930243c8613f6593ecf0f1558f33a4e44b91aef65ee31306a7915f95faacd5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT last-modified Thu, 05 Aug 2021 10:36:06 GMT server nginx/1.18.0 etag "610bbf16-5f71" content-type image/jpeg access-control-allow-origin * expires Mon, 09 May 2022 18:55:54 GMT cache-control max-age=7776000 accept-ranges bytes content-length 24433 x-proxy-cache HIT
GET H2	200	POAd.htm Show response premiumvertising.com/	44 B 140 B	182ms 130ms	Script text/javascript	162.252.214.11 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://premiumvertising.com/POAd.htm?_=BAoAYgK8uQFiAry5gAGBAsAAIOp_FtoMaPmu5L4Lgt9R2Un1mTh4VzlAENiIjmAYWwshwQBHMEUCIQCZ1kFbZ3si2alFN8kQ80VrqLQBGXWEhopA0JGnuAZCJgIgYAoXGZezKJfhSiVup63Pqi2JfBDv-cEao9GdrjZhbOHCACCtoBXYl48r-Rz-nO1ibGj70nsGvC_-gjYWvmVdOKm3qMQAECABCsgAID0AEBEz9EIzQUjFABBec85CNPOfGbC8TuKNlfNdwwBHMEUCIQCI7GT0YzmIOBkIKiYzCfnnh-C84t-t7y7TSiU5myvpJAIgaCkpCQ2EsehJ7Q5brAAgxukck2FKEdU2FNDLsJt5Ofo&v=4&XZJtlcnT=4721366&minBid=&lXBwaFyO=0:1,0&OqhwpgEU=&yuRhmFCV=&s=1600,1200,1,1600,1200,0 Requested by Host: www.premiumvertising.com URL: https://www.premiumvertising.com/gitgraph.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.252.214.11 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Tue, 08 Feb 2022 18:55:54 GMT popads-ec ASB asf 9 content-length 44 content-type text/javascript;charset=UTF-8
GET H2	200	img.php img.cdn.house/ Redirect Chain https://ntvpforever.com/in/show/?mid=145046064&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1245371274&sid=1876837127&cid=1945&price=0.0004&is_cpm=0&cpm=0&ecpm=0.003887803219365006&crid=... https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjIwMTE3YTBhNjE1My5wbmciLCJ1aWQiOjIxMzAxLCJjaWQiOjEwNTc3LCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6Nzg1OTU1MTk4...	6 KB 6 KB	57ms 11ms	Image image/webp	88.99.166.214 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjIwMTE3YTBhNjE1My5wbmciLCJ1aWQiOjIxMzAxLCJjaWQiOjEwNTc3LCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6Nzg1OTU1MTk4LCJzdWJJZCI6MCwiYWR2VHlwZSI6MSwidHJhZmZpY0NoYW5uZWwiOjJ9 Protocol H2 Server 88.99.166.214 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.214.166.99.88.clients.your-server.de Software nginx / Resource Hash 4a35673065dd709e223696066bde65ca1faa1d304f02958ec398abf6aba90faa Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:54 GMT cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 last-modified Mon, 07 Feb 2022 13:26:03 GMT server nginx accept-ranges bytes content-length 5954 content-type image/webp Redirect headers pragma no-cache date Tue, 08 Feb 2022 18:55:54 GMT server nginx/1.18.0 access-control-allow-origin * vary Origin access-control-allow-methods * location https://img.cdn.house/img.php?v=2&id=eyJpY29uIjoiNjIwMTE3YTBhNjE1My5wbmciLCJ1aWQiOjIxMzAxLCJjaWQiOjEwNTc3LCJvcyI6MTQsImJyb3dzZXIiOjE4LCJjb3VudHJ5Ijo1Niwib3BlcmF0b3IiOjk5OTksInN1YkFjYyI6Nzg1OTU1MTk4LCJzdWJJZCI6MCwiYWR2VHlwZSI6MSwidHJhZmZpY0NoYW5uZWwiOjJ9 cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers * content-length 0
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame FE1C	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	Y9TT6qdU-minify.jpg 12112336.pix-cdn.org/m/p/0/284/284317/conversions/ Frame FE1C	10 KB 10 KB	42ms 7ms	Image image/jpeg	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://12112336.pix-cdn.org/m/p/0/284/284317/conversions/Y9TT6qdU-minify.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.12.2 / Resource Hash 5d8ad6b4a4770bdfcfa78c1ce44f3a9d6418428d051b32346aecb361072ad9c0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:54 GMT last-modified Thu, 03 Feb 2022 09:08:32 GMT server nginx/1.12.2 etag "61fb9b90-2742" content-type image/jpeg expires 0 cache-control no-cache, no-store, must-revalidate accept-ranges bytes content-length 10050 x-proxy-cache HIT
GET DATA	200 OK	truncated / Frame FE1C	483 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	cXXYZD6o-minify.jpg 12112336.pix-cdn.org/m/p/0/284/284314/conversions/ Frame FE1C Redirect Chain https://ntvpforever.com/in/show/?mid=145046064&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1245371274&sid=1876837127&cid=1695&price=0&is_cpm=1&cpm=0.0199&ecpm=0.01884331&crid=&crtid=540... https://pn.tube911.com/in/in_page_shows/?cipaci=3711&cipai=1421&url=https%3A%2F%2F12112336.pix-cdn.org%2Fm%2Fp%2F0%2F284%2F284314%2Fconversions%2FcXXYZD6o-minify.jpg&out_name=85625%7C17722%7Ccpm%7C... https://12112336.pix-cdn.org/m/p/0/284/284314/conversions/cXXYZD6o-minify.jpg	2 KB 3 KB	6ms 6ms	Image image/jpeg	45.133.44.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://12112336.pix-cdn.org/m/p/0/284/284314/conversions/cXXYZD6o-minify.jpg Protocol H2 Server 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.12.2 / Resource Hash 945e224614dc229c56c67eeb56d0f3ee7c089ddfe9455ff8c9a594e1ef560df0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:54 GMT last-modified Thu, 03 Feb 2022 09:08:18 GMT server nginx/1.12.2 etag "61fb9b82-987" content-type image/jpeg expires 0 cache-control no-cache, no-store, must-revalidate accept-ranges bytes content-length 2439 x-proxy-cache HIT Redirect headers location https://12112336.pix-cdn.org/m/p/0/284/284314/conversions/cXXYZD6o-minify.jpg date Tue, 08 Feb 2022 18:55:53 GMT access-control-allow-credentials true server nginx/1.20.1 access-control-allow-origin * content-length 0 content-type application/json
GET H2	200	iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ Show response 7003.winternewsnow.name/ Redirect Chain https://7003.winternewsnow.name/iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebriti... https://7003.winternewsnow.name/iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebriti...	1 KB 2 KB	39ms 39ms	XHR text/plain	88.208.59.103 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://7003.winternewsnow.name/iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebrities%2Cinfluencers%2Cmodels%2Cdaily%2Cupdated&abl=0&fsb=0&pageUri=https%3A%2F%2Fxblog.tv%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Feb%2008%202022%2018%3A55%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=pragma%3A+no-cache%0Acache-control%3A+no-cache%0Aaccept-language%3A+de-DE%2Cde%3Bq%3D0.9%0Aaccept%3A+%2A%2F%2A%0Aorigin%3A+https%3A%2F%2Fxblog.tv%0Asec-fetch-site%3A+cross-site%0Asec-fetch-mode%3A+cors%0Asec-fetch-dest%3A+empty%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0A%0A Protocol H2 Server 88.208.59.103 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash cf637b937d76245535e729b3132f940663316998ad2e77a5b73b524c9cdbea75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:56 GMT content-encoding gzip p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-max-age 86400 pragma no-cache referrer-policy unsafe-url last-modified Tue, 08 Feb 2022 18:55:56 UTC server nginx vary Accept-Encoding accept-ch-lifetime 31536000 content-type text/plain; charset=UTF-8 access-control-allow-origin https://xblog.tv cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory expires Tue, 08 Feb 2022 18:55:56 UTC Redirect headers date Tue, 08 Feb 2022 18:55:56 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-length 0 pragma no-cache referrer-policy unsafe-url last-modified Tue, 08 Feb 2022 18:55:56 UTC server nginx location /iSBGD4MyOwjaQ441vQvabnkIjNdc_d2GfPYSfpPIF5MWNcmcpdsA_MOIAIQ3LoabxtsBKqUigvztQLiwGeG4WxaXmKTcubudcAlxS7UuK39vsMwg5Yf_QiKGot_ABdfPjnXSDQ?kws=xblog%2Cerotic%2Ccelebrities%2Cinfluencers%2Cmodels%2Cdaily%2Cupdated&abl=0&fsb=0&pageUri=https%3A%2F%2Fxblog.tv%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Feb%2008%202022%2018%3A55%3A53%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1&_h=pragma%3A+no-cache%0Acache-control%3A+no-cache%0Aaccept-language%3A+de-DE%2Cde%3Bq%3D0.9%0Aaccept%3A+%2A%2F%2A%0Aorigin%3A+https%3A%2F%2Fxblog.tv%0Asec-fetch-site%3A+cross-site%0Asec-fetch-mode%3A+cors%0Asec-fetch-dest%3A+empty%0Aaccept-encoding%3A+gzip%2C+deflate%2C+br%0A%0A access-control-max-age 86400 accept-ch-lifetime 31536000 content-type text/plain; charset=UTF-8 access-control-allow-origin https://xblog.tv cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory expires Tue, 08 Feb 2022 18:55:56 UTC
GET H2	200	ls Show response stream.bantgoau.com/yt/ Frame CAC8 Redirect Chain https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiw... https://rtbbnr.com/banner/in/show/?mid=1716219915&pid=0&site=11875&sc=DE&usage_type=DCH&subid=1523638406&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.039408284023669&ecpm=0.039408284023669&crid=&crtid=d4... https://tcimp.zog.link/in/banners?katds_ep=IG0BlG2x9mrWqIkjKXOtwyHH2pbug0PobSeaA68sj01mMHrfRcpLPWvjoNeyp0kG3RVRvFAe0vq9FPBQJZY1MqEK5lgyZQHgrtgyaEmVHlF7ZAAqODGeUXIHPu1G1AMDCbGuowo60bwLvCQ8HtmTwHiAxI... https://tb.baimgfroggd.site/in/1816/?user_id=eb9d2febbe40555d02d3583ba9df566827bcca2c&bid=0.060340&katds_labels=&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14&ts=1644346556 https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...	8 KB 4 KB	163ms 81ms	Document text/html	2606:4700:3033::ac43:b8ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 Requested by Host: js.cabnnr.com URL: https://js.cabnnr.com/banner-admanager/build.m.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e07457c9f454ce2e6145208310279a87aa57debf4d5284baa010a6db0faea5d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://xblog.tv/ Response headers date Tue, 08 Feb 2022 18:55:57 GMT content-type text/html; charset=utf-8 access-control-allow-credentials true access-control-allow-origin * via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8%2F2VHWwh5uHgE7PipGhTgNbrzq396mR8uoNf5y3BU9Zp5hM8x1QX9dPBdllVTDgBWC2Qre%2B%2FgMbu%2Fd9VBCEVqmgw%2FrSk6isDXxQATuz%2BXeJmCkaKHn%2FWcgT%2FnKn6ppzJQnHcI0PQ76dW%2B8C9KbGjH8X"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6da7133e1c88775c-LHR content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers server nginx/1.17.2 date Tue, 08 Feb 2022 18:55:57 GMT content-type text/html; charset=UTF-8 content-length 0 location https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 pragma no-cache vary * cache-control no-cache, no-store, must-revalidate
GET H3	200	bundle15.js Show response stream.bantgoau.com/files/ytls/ Frame CAC8	2 MB 612 KB	91ms 42ms	Script application/javascript	2606:4700:3033::ac43:b8ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/files/ytls/bundle15.js Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa42619620e84115cab469b5ef674b4acf887df690b2af613592f80700378a97 Request headers Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:57 GMT via 1.1 google cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 26 Jan 2022 15:01:34 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uFY8DdYei9uNe6m4%2Fd4M1xiz1Fwhp7Y1xkXY8qVKb8RJplBHgecz3PEZLs%2FtVcd%2FNpIywFmr8vggiGnwH03bJs%2BGkSoXoLsvZFyVFuJogqR6JvbV%2BtF4iWsXyf71h39OI8nk%2FAJwBmDORD3dAgqN70%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=14400 cf-ray 6da7133efb643745-MXP expires Tue, 08 Feb 2022 22:55:57 GMT
GET H2	200	VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff lh3.googleusercontent.com/ Frame CAC8	39 KB 39 KB	73ms 12ms	Image image/jpeg	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 17:00:22 GMT x-content-type-options nosniff age 6935 content-disposition inline;filename="unnamed.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39552 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 09 Feb 2022 05:00:22 GMT
GET H2	200	/ Show response vs.bantgoau.com/sts/ Frame CAC8	2 B 229 B	65ms 17ms	XHR application/json	2a02:128:7:4777::1 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14&type=impression&g_referer=https://xblog.tv Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/bundle15.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4777::1 , Czech Republic, ASN50245 (SERVEREL-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Tue, 08 Feb 2022 18:55:57 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server nginx/1.20.1 content-length 2 content-type application/json
GET H3	200	bundle16.js Show response stream.bantgoau.com/files/ytls/ Frame 3E98	158 KB 59 KB	38ms 36ms	Script application/javascript	2606:4700:3033::ac43:b8ea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stream.bantgoau.com/files/ytls/bundle16.js Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/bundle15.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:b8ea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fdb5c013534fe38c9ed3464f25570406849297e073c027b338a1ef92e8f31027 Request headers Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers cf-ray 6da71344686c3745-MXP date Tue, 08 Feb 2022 18:55:58 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 26 Jan 2022 15:01:36 GMT server cloudflare age 6971 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zx1bim8z9loYey%2BPyMHawlCZD%2FFY8IhrbFOVkyn%2F2ansMR%2BvI7RBvHcCHQVnL3mGCCbEHnX5T117c%2F6VtaPkUpwu3qbfObVSMfQtSv2Dk%2FF8Ky0Ns3c35ytBRMnJ2eUOzNvANU05io4cQRyY%2B5eE7yG"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	url Show response www.google.com/ Frame 4954	603 B 1 KB	62ms 34ms	Document text/html	2a00:1450:4001:811::2004
General Check archive.org Show headers Download Go to Full URL https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/hImRq5HqeCk%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1 Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/bundle16.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 -, , ASN (), Reverse DNS Software gws / Resource Hash d98483b466bdc9c4632e245b61849e78bb258ffffe397f808c7b4b6c218521bb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/ Response headers location https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 cache-control private content-type text/html; charset=UTF-8 strict-transport-security max-age=31536000 bfcache-opt-in unload p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." date Tue, 08 Feb 2022 18:55:58 GMT server gws content-length 603 x-xss-protection 0 expires Tue, 08 Feb 2022 18:55:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	hImRq5HqeCk Show response www.youtube.com/embed/ Frame 4954	62 KB 27 KB	507ms 109ms	Document text/html	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Requested by Host: www.google.com URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/hImRq5HqeCk%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software ESF / Resource Hash 4598ac5120578f644d9ddbed092ccd93d6cbb427265d470d62ddb33def148747 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 08 Feb 2022 18:55:59 GMT strict-transport-security max-age=31536000 cross-origin-opener-policy-report-only same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version report-to {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]} permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." content-encoding br server ESF x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	www-player-webp.css www.youtube.com/s/player/326d75a6/ Frame 4954	341 KB 47 KB	23ms 7ms	Stylesheet text/css	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash 780b00bc569866c124b568e32a48f939b79b7fd4a4278e47c4fa593f373c6752 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:48:30 GMT content-encoding br x-content-type-options nosniff age 94049 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47768 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:48:30 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/326d75a6/www-embed-player.vflset/ Frame 4954	282 KB 85 KB	20ms 6ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash e193190c97b8e3027b8296a02c72b29e63dcfadfa7b3139eb4d21f993fd934cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:48:30 GMT content-encoding br x-content-type-options nosniff age 94049 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87003 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:48:30 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/ Frame 4954	2 MB 537 KB	28ms 15ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash e9ad3df66a9e5cc9edfaa0ac39cb8309e47d5805912ef723c0e24778390fba00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:48:52 GMT content-encoding br x-content-type-options nosniff age 94027 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 549612 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:48:52 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/326d75a6/fetch-polyfill.vflset/ Frame 4954	8 KB 3 KB	41ms 27ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 17:18:59 GMT content-encoding br x-content-type-options nosniff age 5820 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2830 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 08 Feb 2023 17:18:59 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 4954	15 KB 15 KB	23ms 7ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 17:06:41 GMT x-content-type-options nosniff age 6558 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 08 Feb 2023 17:06:41 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 4954 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	30ms 14ms	XHR application/json	2a00:1450:4001:812::2002
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Server 2a00:1450:4001:812::2002 -, , ASN (), Reverse DNS Software cafe / Resource Hash 6700546df673d7748104f1d6e06655d9778b49e061898668836e12dd8b7be705 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:59 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 08 Feb 2022 18:55:59 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 4954	29 B 587 B	33ms 9ms	Script text/javascript	2a00:1450:4001:812::2006
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2006 -, , ASN (), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:44:18 GMT x-content-type-options nosniff age 701 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 08 Feb 2022 18:59:18 GMT
GET H3	200	Z_dKjKIC5vPizOTAdrIbp4Sz2qmP_FAuXia3LHHymds.js Show response www.google.com/js/th/ Frame 4954	35 KB 13 KB	25ms 8ms	Script text/javascript	2a00:1450:4001:811::2004
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/Z_dKjKIC5vPizOTAdrIbp4Sz2qmP_FAuXia3LHHymds.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 -, , ASN (), Reverse DNS Software sffe / Resource Hash 67f74a8ca202e6f3e2cce4c076b21ba784b3daa98ffc502e5e26b72c71f299db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 23:56:59 GMT content-encoding br x-content-type-options nosniff age 68340 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13703 x-xss-protection 0 last-modified Thu, 27 Jan 2022 13:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 07 Feb 2023 23:56:59 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/ Frame 4954	26 KB 8 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash ce65346df8fe6fae2741ef14502d77e8689498ec92d24ab0ae93effa7ccb802c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:48:56 GMT content-encoding br x-content-type-options nosniff age 94023 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7708 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:48:56 GMT
POST H3	200	player Show response www.youtube.com/youtubei/v1/ Frame 4954	47 KB 19 KB	83ms 82ms	XHR application/json	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software ESF / Resource Hash 9506eca76cb9b637baecd6566e1058618aa19aa610146ff37eb9bb23dd0c9db9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220206.00.00 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 X-Goog-Visitor-Id CgtkaGVqY1c2QUMyVSi_-YqQBg%3D%3D Content-Type application/json Response headers date Tue, 08 Feb 2022 18:55:59 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19074 x-xss-protection 0 expires Tue, 08 Feb 2022 18:55:59 GMT
GET DATA	200 OK	truncated / Frame 4954	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	H4fDqCLqoyMibiqmww-tOcig4YJtwncuCsbWQ7XkItR8RZftkHayEDfd0iN_CzXLoIAwQm_unWA=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 4954	2 KB 2 KB	36ms 9ms	Image image/jpeg	2a00:1450:4001:812::2001
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/H4fDqCLqoyMibiqmww-tOcig4YJtwncuCsbWQ7XkItR8RZftkHayEDfd0iN_CzXLoIAwQm_unWA=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 -, , ASN (), Reverse DNS Software fife / Resource Hash 7ffcf0895b8ea526b60a6441abf437399be9fb8adef6216aa85d0c2d1ce8ec1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:18:27 GMT x-content-type-options nosniff age 2252 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1779 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 09 Feb 2022 18:18:27 GMT
GET DATA	200 OK	truncated / Frame 4954	181 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	204	generate_204 www.youtube.com/ Frame 4954	0 9 B	12ms 10ms	Image text/plain	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?hrTh_Q Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:55:59 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
POST H3	204	qoe www.youtube.com/api/stats/ Frame 4954	0 19 B	16ms 15ms	Ping text/html	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=243&afmt=140&cpn=-02tiPJCRcMxPDte&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24094608%2C24134463%2C24135310%2C24158011&cl=426482019&live=live&seq=1&docid=hImRq5HqeCk&ei=v7wCYvbDMvH8xN8Pga6jyA0&event=streamingstats&plid=AAXXhkSWbUjMOWNJ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220206.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.145:S,0.152:S,0.152:S&cmt=0.008:0.000,0.145:0.000,0.152:0.000&afs=0.152:140::i&vfs=0.152:243:243::r&view=0.152:1:1&bwe=0.152:130000&bat=0.152:1:1&vis=0.152:0&bh=0.152:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 08 Feb 2022 18:55:59 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/ Frame 4954	97 KB 30 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash d432a68b01671fb48e75f9597c8e471ed812857bbb50ad421909fa107515cefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:48:54 GMT content-encoding br x-content-type-options nosniff age 94025 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30822 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:48:54 GMT
GET H3	200	endscreen.js Show response www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/ Frame 4954	26 KB 7 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/endscreen.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash 55e638526efce73afe9479009e2637d882faa480b233d85f1ac798f2339a9a86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 16:51:30 GMT content-encoding br x-content-type-options nosniff age 93869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7231 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 16:51:30 GMT
GET H3	200	heartbeat.js Show response www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/ Frame 4954	27 KB 9 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/heartbeat.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software sffe / Resource Hash 8c28f4142df3d53423a64e6c3bdb45e2d0f5026b6c3e7854521b70a9ebee82af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 07 Feb 2022 17:18:08 GMT content-encoding br x-content-type-options nosniff age 92271 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9244 x-xss-protection 0 last-modified Mon, 07 Feb 2022 01:23:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 07 Feb 2023 17:18:08 GMT
POST H3	200	next Show response www.youtube.com/youtubei/v1/ Frame 4954	64 KB 5 KB	191ms 190ms	XHR application/json	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software ESF / Resource Hash e22f78e30ea03720b979f051151f6b8e16a6d09bfc3d9b2c50c5d6b337d0b5fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220206.00.00 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 X-Goog-Visitor-Id CgtkaGVqY1c2QUMyVSi_-YqQBg%3D%3D Content-Type application/json Response headers date Tue, 08 Feb 2022 18:56:00 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5462 x-xss-protection 0 expires Tue, 08 Feb 2022 18:56:00 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 4954	4 KB 3 KB	83ms 61ms	Script text/javascript	2a00:1450:4001:808::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 18:56:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 08 Feb 2022 18:56:00 GMT
GET H/1.1	200 OK	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	42 KB 43 KB	61ms 8ms	XHR video/webm	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgNVyAA_zlESRIoUQoWr-Mj6l1ybOef1JArTDlKX18xdoCIFkbJIpx01q_wLCbOoi3KhQFBHIDEdbUIp_CRdLu934-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&headm=3&rn=1&rbuf=0 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash 3ea0ae562fd9933fa80b38f3f1c8c5a202a86b301ddb116d8106b23659f2a421 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers X-Sequence-Num 1155 Date Tue, 08 Feb 2022 18:56:00 GMT X-Content-Type-Options nosniff X-Segment-Lmt 1644344247232307 X-Bandwidth-Est 2999503 X-Bandwidth-App-Limited false Cross-Origin-Resource-Policy cross-origin X-Bandwidth-Est2 941543 Connection keep-alive X-Walltime-Ms 1644346560026 Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 42868 X-Bandwidth-Est3 1432417 Pragma no-cache X-Bandwidth-Est-Comp 941543 Last-Modified Tue, 08 Feb 2022 18:17:27 GMT Server gvs 1.0 Vary Origin Content-Type video/webm Access-Control-Allow-Origin https://www.youtube.com X-Head-Time-Sec 2314 Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control no-cache, must-revalidate Access-Control-Allow-Credentials true X-Head-Seqnum 1158 Accept-Ranges bytes Timing-Allow-Origin https://www.youtube.com X-Head-Time-Millis 2314647 X-Bandwidth-Est-App-Limited false Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	42 KB 43 KB	64ms 11ms	XHR audio/mp4	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbFOXwbKTHamJfqgiLeTA6OedxwgR3YOyHZtLiXNmYxECIBI6hn6SV_Q82_wuBaBLGACeQr25UbZXhc3ACo5t1rS1&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&headm=3&rn=2&rbuf=0 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash 77339d1d059ede4f1a0a55f667bef7f8d894a22245dd673cb3292fe3ad00f6a2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers X-Sequence-Num 1155 Date Tue, 08 Feb 2022 18:56:00 GMT X-Content-Type-Options nosniff X-Segment-Lmt 1644344247232297 X-Bandwidth-Est 3027063 X-Bandwidth-App-Limited false Cross-Origin-Resource-Policy cross-origin X-Bandwidth-Est2 940809 Connection keep-alive X-Walltime-Ms 1644346560026 Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 42732 X-Bandwidth-Est3 1209946 Pragma no-cache X-Bandwidth-Est-Comp 940809 Last-Modified Tue, 08 Feb 2022 18:17:27 GMT Server gvs 1.0 Vary Origin Content-Type audio/mp4 Access-Control-Allow-Origin https://www.youtube.com X-Head-Time-Sec 2314 Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control no-cache, must-revalidate Access-Control-Allow-Credentials true X-Head-Seqnum 1158 Accept-Ranges bytes Timing-Allow-Origin https://www.youtube.com X-Head-Time-Millis 2314647 X-Bandwidth-Est-App-Limited false Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/97/ Frame 4954	53 KB 15 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:808::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/97/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 08 Feb 2022 13:20:12 GMT content-encoding gzip x-content-type-options nosniff age 20148 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15488 x-xss-protection 0 last-modified Mon, 01 Nov 2021 15:04:28 GMT server sffe vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="cloudview-release" expires Wed, 09 Feb 2022 13:20:12 GMT
GET H3	200	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	41 KB 41 KB	25ms 14ms	XHR audio/mp4	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbFOXwbKTHamJfqgiLeTA6OedxwgR3YOyHZtLiXNmYxECIBI6hn6SV_Q82_wuBaBLGACeQr25UbZXhc3ACo5t1rS1&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1156&rn=3&rbuf=1917 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash be79cfe0583413888f611c901c8e0e6f897f4602e58e3aff34b8fb1f1319babc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1156 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232316 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 737249 x-walltime-ms 1644346560087 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42251 x-bandwidth-est3 1209946 x-bandwidth-est-comp 737249 client-protocol quic last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type audio/mp4 access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true x-head-seqnum 1158 accept-ranges bytes timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false expires Tue, 08 Feb 2022 18:56:00 GMT
GET H3	200	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	41 KB 41 KB	24ms 17ms	XHR video/webm	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgNVyAA_zlESRIoUQoWr-Mj6l1ybOef1JArTDlKX18xdoCIFkbJIpx01q_wLCbOoi3KhQFBHIDEdbUIp_CRdLu934-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1156&rn=4&rbuf=1900 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash 17040223ac7798609e7fc67e3f6930804a0e309d000845daf8c224371600abad Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1156 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232325 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 737249 x-walltime-ms 1644346560087 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42436 x-bandwidth-est3 1432417 x-bandwidth-est-comp 737249 client-protocol quic last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type video/webm access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true x-head-seqnum 1158 accept-ranges bytes timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false expires Tue, 08 Feb 2022 18:56:00 GMT
GET H3	200	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	40 KB 40 KB	14ms 7ms	XHR video/webm	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgNVyAA_zlESRIoUQoWr-Mj6l1ybOef1JArTDlKX18xdoCIFkbJIpx01q_wLCbOoi3KhQFBHIDEdbUIp_CRdLu934-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1157&rn=5&rbuf=3900 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash de67c0121f31020e14df3970e2961ba3dc87d15d0ed051653d7082f549a6891a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1157 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232345 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 737249 x-walltime-ms 1644346560087 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41071 x-bandwidth-est3 1432417 x-bandwidth-est-comp 737249 client-protocol quic last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type video/webm access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true x-head-seqnum 1158 accept-ranges bytes timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false expires Tue, 08 Feb 2022 18:56:00 GMT
GET H3	200	videoplayback Show response rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	41 KB 41 KB	26ms 19ms	XHR audio/mp4	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbFOXwbKTHamJfqgiLeTA6OedxwgR3YOyHZtLiXNmYxECIBI6hn6SV_Q82_wuBaBLGACeQr25UbZXhc3ACo5t1rS1&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1157&rn=6&rbuf=3917 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash d7ca4e8f34f14f6165a0f194bb5627197b868d5aac51d42309d0ed1da7b083a2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1157 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232337 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 737249 x-walltime-ms 1644346560088 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42252 x-bandwidth-est3 1209946 x-bandwidth-est-comp 737249 client-protocol quic last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type audio/mp4 access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true x-head-seqnum 1158 accept-ranges bytes timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false expires Tue, 08 Feb 2022 18:56:00 GMT
GET H3	200	videoplayback rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	33 KB 0	44ms 44ms	XHR video/webm	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgNVyAA_zlESRIoUQoWr-Mj6l1ybOef1JArTDlKX18xdoCIFkbJIpx01q_wLCbOoi3KhQFBHIDEdbUIp_CRdLu934-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1158&rn=7&rbuf=5900 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1158 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232366 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 6586975 x-walltime-ms 1644346560200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-bandwidth-est-comp 6586975 expires Tue, 08 Feb 2022 18:56:00 GMT last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type video/webm access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 x-bandwidth-est3 1153730 x-head-seqnum 1158 access-control-allow-credentials true timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false client-protocol quic
GET		videoplayback rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	0 0
GET H3	200	videoplayback rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	39 KB 0	37ms 36ms	XHR audio/mp4	2a00:1450:4001:1b::7
General Check archive.org Show headers Download Go to Full URL https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbFOXwbKTHamJfqgiLeTA6OedxwgR3YOyHZtLiXNmYxECIBI6hn6SV_Q82_wuBaBLGACeQr25UbZXhc3ACo5t1rS1&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1158&rn=9&rbuf=5911 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/326d75a6/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:1b::7 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-sequence-num 1158 date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff x-segment-lmt 1644344247232356 x-bandwidth-app-limited false cross-origin-resource-policy cross-origin x-bandwidth-est2 6586975 x-walltime-ms 1644346560201 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-bandwidth-est-comp 6586975 expires Tue, 08 Feb 2022 18:56:00 GMT last-modified Tue, 08 Feb 2022 18:17:27 GMT server gvs 1.0 vary Origin content-type audio/mp4 access-control-allow-origin https://www.youtube.com x-head-time-sec 2314 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 x-bandwidth-est3 927361 x-head-seqnum 1158 access-control-allow-credentials true timing-allow-origin https://www.youtube.com x-head-time-millis 2314647 x-bandwidth-est-app-limited false client-protocol quic
GET		videoplayback rr2---sn-4g5lzney.googlevideo.com/ Frame 4954	0 0
GET H3	204	playback www.youtube.com/api/stats/ Frame 4954	0 17 B	94ms 94ms	Image text/html	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=-02tiPJCRcMxPDte&ver=2&cmt=2308.794&fmt=243&fs=0&rt=0.409&euri=https%3A%2F%2Fwww.google.com%2F&lact=453&live=live&cl=426482019&mos=1&volume=100&cbr=Chrome&cbrver=97.0.4692.71&c=WEB_EMBEDDED_PLAYER&cver=1.20220206.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=5&hl=de_DE&cr=DE&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24094608%2C24134463%2C24135310%2C24158011&rtn=8&afmt=140&lio=1644344243.376&size=1%3A1&inview=0&muted=1&docid=hImRq5HqeCk&ei=v7wCYvbDMvH8xN8Pga6jyA0&plid=AAXXhkSWbUjMOWNJ&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdDcmh1ZGRQZmVxS1NuYjcyNWYwaFF1YzF1V0pPaDJIYjlpZzZYSEhJU09KUWJLQVBta0tES2h0ZG1BbkxvTko0aFRwOGNPdVRTcVg2cWsyRUJDT3lRR2xWZllCYVY3QTJBaFR6ZUdpeV81NHBhUXN0OVJINlRKTHhV Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	ptracking www.youtube.com/ Frame 4954	0 19 B	17ms 16ms	Image text/html	2a00:1450:4001:802::200e
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/ptracking?html5=1&video_id=hImRq5HqeCk&cpn=-02tiPJCRcMxPDte&ei=v7wCYvbDMvH8xN8Pga6jyA0&ptk=youtube_none&pltype=contentugclive Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e -, , ASN (), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/hImRq5HqeCk?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 08 Feb 2022 18:56:00 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response vs.bantgoau.com/sts/ Frame 3E98	2 B 228 B	14ms 14ms	XHR application/json	2a02:128:7:4777::1 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FhImRq5HqeCk%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60807&p=0.0100&oid=1414646&sp=0.060340&spp=1000&se=impression&vi=hImRq5HqeCk&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644346556&utm1=tcb&utm2=781889988-1&utm3=195-21720-0&utm4=0-9248212-14&type=view&g_referer=https://xblog.tv Requested by Host: stream.bantgoau.com URL: https://stream.bantgoau.com/files/ytls/bundle16.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4777::1 , Czech Republic, ASN50245 (SERVEREL-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept-Language de-DE,de;q=0.9 Referer https://stream.bantgoau.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers access-control-allow-origin * date Tue, 08 Feb 2022 18:55:59 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server nginx/1.20.1 content-length 2 content-type application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

6.adsco.re

URL

https://6.adsco.re/

Domain

4.adsco.re

URL

https://4.adsco.re/

Domain

rr2---sn-4g5lzney.googlevideo.com

URL

https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgNVyAA_zlESRIoUQoWr-Mj6l1ybOef1JArTDlKX18xdoCIFkbJIpx01q_wLCbOoi3KhQFBHIDEdbUIp_CRdLu934-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1159&rn=8&rbuf=7900

Domain

rr2---sn-4g5lzney.googlevideo.com

URL

https://rr2---sn-4g5lzney.googlevideo.com/videoplayback?expire=1644368159&ei=v7wCYvbDMvH8xN8Pga6jyA0&ip=2001%3Aac8%3A20%3A3d00%3A1011%3A33f4%3A4233%3A4148&id=hImRq5HqeCk.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=M2&mm=44%2C26&mn=sn-4g5lzney%2Csn-aigzrn7d&ms=lva%2Conr&mv=m&mvi=2&pl=49&initcwndbps=230000&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=M3zn5hIdh7FWzeAaZKX4cZkG&gir=yes&mt=1644346128&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=jE_pWAYlsdxcmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgbFOXwbKTHamJfqgiLeTA6OedxwgR3YOyHZtLiXNmYxECIBI6hn6SV_Q82_wuBaBLGACeQr25UbZXhc3ACo5t1rS1&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPbrnC4v6b37gF6YPbvnIEtsr20gANWpHji_hkkTqoM9AiB8ZfxKEjrFub8pbo5falgbVg3SKHPzxEjVC3hI10rvZA%3D%3D&alr=yes&cpn=-02tiPJCRcMxPDte&cver=1.20220206.00.00&sq=1159&rn=10&rbuf=7911