49.12.208.158.sslip.io Open in urlscan Pro
49.12.208.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://49.12.208.158.sslip.io/
Submission: On June 24 via api (June 24th 2024, 12:52:32 am UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 25 domains to perform 194 HTTP transactions. The main IP is 49.12.208.158, located in Germany and belongs to HETZNER-AS, DE. The main domain is 49.12.208.158.sslip.io.
TLS certificate: Issued by E6 on June 23rd 2024. Valid for: 3 months.

This is the only time 49.12.208.158.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	49.12.208.158 49.12.208.158	24940 (HETZNER-AS) (HETZNER-AS)
15	199.232.198.133 199.232.198.133	54113 (FASTLY) (FASTLY)
12 13	62.115.253.43 62.115.253.43	1299 (TWELVE99 ...) (TWELVE99 Arelion)
12	2a02:26f0:710... 2a02:26f0:7100::1720:eedb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:275... 2600:9000:275b:a00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:236... 2600:9000:236e:a400:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.43.22.118 23.43.22.118	16625 (AKAMAI-AS) (AKAMAI-AS)
35	2a07:180::8 2a07:180::8	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
21	13.32.121.122 13.32.121.122	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
5	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
5	2600:9000:249... 2600:9000:2491:8a00:1:6448:6d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::6816:237b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	18.245.31.9 18.245.31.9	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	54.72.245.162 54.72.245.162	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	104.90.26.20 104.90.26.20	16625 (AKAMAI-AS) (AKAMAI-AS)
7	108.138.26.7 108.138.26.7	16509 (AMAZON-02) (AMAZON-02)
194	36

31 49.12.208.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.158.208.12.49.clients.your-server.de

49.12.208.158.sslip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.232.198.133 (United States)

ASN54113 (FASTLY, US)

attr-shift.dotabuff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dotabuff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
engage.elo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 62.115.253.43 (Sweden) 12 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

steamcdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:7100::1720:eedb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

avatars.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275b:a00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:236e:a400:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.22.118 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-22-118.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a07:180::8 (Belize)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cdn.gin.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 13.32.121.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-122.fra60.r.cloudfront.net

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2491:8a00:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

elo-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:237b (United States)

ASN13335 (CLOUDFLARENET, US)

static.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gtrack.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-9.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

elo-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.245.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-245-162.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.26.20 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-26-20.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 108.138.26.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-7.fra56.r.cloudfront.net

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	primis.tech live.primis.tech — Cisco Umbrella Rank: 2069 video.primis.tech — Cisco Umbrella Rank: 8272 rtb.primis.tech — Cisco Umbrella Rank: 7709	3 MB
35	gin.bet cdn.gin.bet — Cisco Umbrella Rank: 795716	1 MB
31	sslip.io 49.12.208.158.sslip.io	803 KB
13	akamaihd.net 12 redirects steamcdn-a.akamaihd.net — Cisco Umbrella Rank: 41073	18 KB
12	steamstatic.com avatars.steamstatic.com — Cisco Umbrella Rank: 15155	151 KB
9	dotabuff.com attr-shift.dotabuff.com — Cisco Umbrella Rank: 573285 riki.dotabuff.com Failed www.dotabuff.com — Cisco Umbrella Rank: 576042	585 KB
7	doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 431 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	175 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746	80 KB
6	elo.io engage.elo.io — Cisco Umbrella Rank: 539468
5	kueezrtb.com static.kueezrtb.com — Cisco Umbrella Rank: 11323 track.kueezrtb.com — Cisco Umbrella Rank: 10531 gtrack.kueezrtb.com — Cisco Umbrella Rank: 10523	27 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	38 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 imasdk.googleapis.com — Cisco Umbrella Rank: 531	139 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 621 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 522	66 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	openx.net elo-d.openx.net — Cisco Umbrella Rank: 775465 u.openx.net — Cisco Umbrella Rank: 830	512 B
2	rubiconproject.com prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1012 eus.rubiconproject.com — Cisco Umbrella Rank: 648	492 B
2	gstatic.com fonts.gstatic.com	24 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	19 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 3065	322 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 356	17 KB
1	videoplayerhub.com 1 redirects elo-io.videoplayerhub.com — Cisco Umbrella Rank: 707989	466 B
1	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5195	325 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	96 KB
0	rlcdn.com Failed api.rlcdn.com Failed
194	25

	Domain	Requested by
35	cdn.gin.bet
31	49.12.208.158.sslip.io	49.12.208.158.sslip.io
23	live.primis.tech	attr-shift.dotabuff.com live.primis.tech
13	steamcdn-a.akamaihd.net	12 redirects 49.12.208.158.sslip.io
12	video.primis.tech	live.primis.tech
12	avatars.steamstatic.com	49.12.208.158.sslip.io
8	attr-shift.dotabuff.com	attr-shift.dotabuff.com
6	engage.elo.io	attr-shift.dotabuff.com
5	c.amazon-adsystem.com	live.primis.tech c.amazon-adsystem.com attr-shift.dotabuff.com
4	securepubads.g.doubleclick.net	attr-shift.dotabuff.com securepubads.g.doubleclick.net imasdk.googleapis.com
3	pagead2.googlesyndication.com	live.primis.tech imasdk.googleapis.com
2	imasdk.googleapis.com	live.primis.tech imasdk.googleapis.com
2	ad-delivery.net
2	gtrack.kueezrtb.com
2	track.kueezrtb.com
2	tpc.googlesyndication.com	live.primis.tech tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	49.12.208.158.sslip.io live.primis.tech
2	pubads.g.doubleclick.net	live.primis.tech
2	ads.pubmatic.com	attr-shift.dotabuff.com live.primis.tech
2	www.google-analytics.com	49.12.208.158.sslip.io www.google-analytics.com
1	eus.rubiconproject.com	live.primis.tech
1	u.openx.net	live.primis.tech
1	id.crwdcntrl.net	live.primis.tech
1	s0.2mdn.net	imasdk.googleapis.com
1	ad.doubleclick.net
1	api.btloader.com	elo-io.videoplayerhub.com
1	hbopenbid.pubmatic.com	live.primis.tech
1	rtb.primis.tech	live.primis.tech
1	elo-d.openx.net	live.primis.tech
1	prebid-server.rubiconproject.com	live.primis.tech
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	static.kueezrtb.com	attr-shift.dotabuff.com
1	btloader.com
1	elo-io.videoplayerhub.com	1 redirects
1	cmp.inmobi.com	49.12.208.158.sslip.io
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	www.dotabuff.com	49.12.208.158.sslip.io
0	api.rlcdn.com Failed	live.primis.tech
0	riki.dotabuff.com Failed	49.12.208.158.sslip.io
194	41

This site contains links to these domains. Also see Links.

Domain
bg.dotabuff.com
cs.dotabuff.com
de.dotabuff.com
www.dotabuff.com
es.dotabuff.com
fr.dotabuff.com
it.dotabuff.com
ka.dotabuff.com
ko.dotabuff.com
pl.dotabuff.com
pt.dotabuff.com
ru.dotabuff.com
sr.dotabuff.com
tr.dotabuff.com
uk.dotabuff.com
zh.dotabuff.com
www.overbuff.com
www.speedrun.com
www.facebook.com
twitter.com
discord.gg
elo.io
elo-entertainment-inc.breezy.hr

Subject Issuer	Validity	Valid
49.12.208.158.sslip.io E6	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.dotabuff.com R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.elo.io R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.primis.tech Amazon RSA 2048 M01	`2023-09-24` - `2024-10-22`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
cdn.gin.bet GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
kueezrtb.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://49.12.208.158.sslip.io/
Frame ID: D1ECA1637A912A487DC343039B77918D
Requests: 150 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 0492FD371797D9C2FD051340907A3397
Requests: 33 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 1D3534F1A13402DEF5C202B41609CDE2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Frame ID: C9B363EF733A1B25F0AB98C194B97695
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.647.0_en.html
Frame ID: A2758E2FE14F2D31CDF66C1D5B5F3B72
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0F5DC9F4CA4DCA22CCD4294175B418EE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: A1096D26A80233EC0D80E8C1915AFB96
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: FF3104A920E59AD06ACF653FF7A15933
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160621&gdpr=0&gdpr_consent=
Frame ID: 60C610D0025F612FEFCD66257EE10425
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DOTABUFF - Dota 2 Statistics

Detected technologies

Cargo (CMS) Expand

Overall confidence: 100%
Detected patterns

/cargo\.

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

194
Requests

85 %
HTTPS

47 %
IPv6

25
Domains

41
Subdomains

36
IPs

7
Countries

6584 kB
Transfer

11745 kB
Size

16
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://bg.dotabuff.com/
Title: български (Bulgarian)

Search URL Search Domain Scan URL

URL: https://cs.dotabuff.com/
Title: Čeština (Czech)

Search URL Search Domain Scan URL

URL: https://de.dotabuff.com/
Title: Deutsch (German)

Search URL Search Domain Scan URL

URL: https://www.dotabuff.com/
Title: English (English)

Search URL Search Domain Scan URL

URL: https://es.dotabuff.com/
Title: Español (Spanish)

Search URL Search Domain Scan URL

URL: https://fr.dotabuff.com/
Title: Français (French)

Search URL Search Domain Scan URL

URL: https://it.dotabuff.com/
Title: Italiano (Italian)

Search URL Search Domain Scan URL

URL: https://ka.dotabuff.com/
Title: ქართული (Georgian)

Search URL Search Domain Scan URL

URL: https://ko.dotabuff.com/
Title: 한국어 (Korean)

Search URL Search Domain Scan URL

URL: https://pl.dotabuff.com/
Title: polski (Polish)

Search URL Search Domain Scan URL

URL: https://pt.dotabuff.com/
Title: Português brasileiro (Portuguese)

Search URL Search Domain Scan URL

URL: https://ru.dotabuff.com/
Title: Русский (Russian)

Search URL Search Domain Scan URL

URL: https://sr.dotabuff.com/
Title: српски (Serbian)

Search URL Search Domain Scan URL

URL: https://tr.dotabuff.com/
Title: Türkçe (Turkish)

Search URL Search Domain Scan URL

URL: https://uk.dotabuff.com/
Title: українська (Ukrainian)

Search URL Search Domain Scan URL

URL: https://zh.dotabuff.com/
Title: 中文 (Chinese)

Search URL Search Domain Scan URL

URL: https://www.overbuff.com/
Title: Overbuff

Search URL Search Domain Scan URL

URL: https://www.speedrun.com/
Title: Speedrun

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dotabuff

Search URL Search Domain Scan URL

URL: https://twitter.com/dotabuff

Search URL Search Domain Scan URL

URL: https://discord.gg/dotabuff

Search URL Search Domain Scan URL

URL: https://elo.io/
Title: Elo Entertainment Inc.

Search URL Search Domain Scan URL

URL: https://elo-entertainment-inc.breezy.hr/
Title: We're Hiring!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/83/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg HTTP 301
https://avatars.steamstatic.com/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg

Request Chain 27

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/37/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg HTTP 301
https://avatars.steamstatic.com/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg

Request Chain 29

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/5d/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg HTTP 301
https://avatars.steamstatic.com/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg

Request Chain 31

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/fa/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg HTTP 301
https://avatars.steamstatic.com/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg

Request Chain 33

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/23/23fbee9836590ace850b97956e45e3a73367e343_full.jpg HTTP 301
https://avatars.steamstatic.com/23fbee9836590ace850b97956e45e3a73367e343_full.jpg

Request Chain 37

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/13/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg HTTP 301
https://avatars.steamstatic.com/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg

Request Chain 38

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/54/542cbbe086e471b040258dec7adbed8e07634060_full.jpg HTTP 301
https://avatars.steamstatic.com/542cbbe086e471b040258dec7adbed8e07634060_full.jpg

Request Chain 39

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/46/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg HTTP 301
https://avatars.steamstatic.com/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg

Request Chain 40

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/32/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg HTTP 301
https://avatars.steamstatic.com/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg

Request Chain 41

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/af/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg HTTP 301
https://avatars.steamstatic.com/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg

Request Chain 42

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/3e/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg HTTP 301
https://avatars.steamstatic.com/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg

Request Chain 43

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/09/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg HTTP 301
https://avatars.steamstatic.com/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg

Request Chain 135

https://elo-io.videoplayerhub.com/videoplayer.js HTTP 301
https://btloader.com/tag?h=elo-io&upapi=true

194 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
49.12.208.158.sslip.io/ 57 KB
14 KB 308ms
84ms Document
text/html 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

fe0f552afa23bc99d2c359823665ea26d92303e81639f258adb14344c11f4818

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 63
cache-control: public, no-cache
content-encoding: gzip
content-length: 13973
content-type: text/html; charset=utf-8
date: Mon, 24 Jun 2024 00:52:26 GMT
etag: W/"e3ac62ca296738cb55a7b1635efc13c9"
link: </assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css>; rel=preload; as=style; nopush,</assets/application-7471e753d2c3fbdeb7151808cd2ef2da683b0194d2af684785f34d43d5ac08dd.js>; rel=preload; as=script; nopush,<https://attr-shift.dotabuff.com/cargo.js?upapi=true>; rel=preload; as=script; nopush
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.26.1
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b13125d4-7705-4bb7-a787-3cad6a4a2763
x-runtime: 0.033133
x-served-by: cache-chi-klot8100148-CHI, cache-fra-eddf8230042-FRA
x-timer: S1719190346.251801,VS0,VE1
x-xss-protection: 0

GET
H2 200 application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css
49.12.208.158.sslip.io/assets/ 374 KB
70 KB 73ms
71ms Stylesheet
text/css 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

b07d5189a5af0fce81ec8225ecc0519d1c46389602e6017e9dc3b34fe862ba72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains
age: 1483384
x-cache: HIT, HIT
content-length: 71588
x-served-by: cache-chi-kigq8000109-CHI, cache-fra-eddf8230085-FRA
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
x-timer: S1719190346.328069,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 2451

GET
H2 200 application-7471e753d2c3fbdeb7151808cd2ef2da683b0194d2af684785f34d43d5ac08dd.js Show response
49.12.208.158.sslip.io/assets/ 1 MB
357 KB 79ms
78ms Script
application/javascript 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/assets/application-7471e753d2c3fbdeb7151808cd2ef2da683b0194d2af684785f34d43d5ac08dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

16f618ed155183521d0fb331106797a8a1348eadee838309934631e15ed6f33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains
age: 1483333
x-cache: MISS, HIT
content-length: 364330
x-served-by: cache-chi-kigq8000107-CHI, cache-fra-eddf8230080-FRA
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
x-timer: S1719190346.327671,VS0,VE2
vary: accept-encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 cargo.js Show response
attr-shift.dotabuff.com/ 754 KB
217 KB 182ms
34ms Script
text/javascript 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b71d3e7bc0bd32287a3891051b6bf808ff08aa0b5cfcc42cf06000b46d8aec9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2124
x-cache: HIT
content-length: 221267
x-served-by: cache-cph2320030-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190346.437540,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

GET
H2 200 client-wvh-IYOU.js Show response
49.12.208.158.sslip.io/static/ 199 KB
65 KB 90ms
89ms Script
application/javascript 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/static/client-wvh-IYOU.js

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

f6c10f25cff8e4e03bc5c265aa641454738304bc4278c1c96cfc44a75bfc6686

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Origin: https://49.12.208.158.sslip.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1483337
x-cache: HIT, HIT
content-length: 65633
x-served-by: cache-chi-klot8100132-CHI, cache-fra-eddf8230146-FRA
last-modified: Thu, 06 Jun 2024 20:44:52 GMT
server: nginx/1.26.1
x-timer: S1719190346.333117,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1597

GET
H2 200 client-BpUHrKZt.css
49.12.208.158.sslip.io/static/ 40 KB
7 KB 69ms
68ms Stylesheet
text/css 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/static/client-BpUHrKZt.css

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

008a1824f4867ca8db1e325f5e71b89cdce41f7bcc8d1154f47eef5f0020033e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 951809
x-cache: HIT, HIT
content-length: 7145
x-served-by: cache-chi-klot8100108-CHI, cache-fra-eddf8230075-FRA
last-modified: Thu, 06 Jun 2024 20:44:52 GMT
server: nginx/1.26.1
x-timer: S1719190346.328372,VS0,VE0
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 681

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f653335333236666531366339316232343633653933376661373164663663316632376464646237342f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/2caf779aa9a410323bc7d2a3dc9689982a3a9ac6/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f316434303437653965613161633834323964373131356264626363383963353237303533366566372f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/3a241773d2af8251b1a49e28b2b8328be803abb0/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f306266373737303433616530346430623535353566653230373336393064623464303562303330372f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/95142093859e47ce99fd94fef736f428d6231bd5/ 0
0

GET
H2 200 io-vert-adb7cf8bb8a21a5f14c027467855c22c225ce54e985eae9d7ee58339f2a6d559.jpg
49.12.208.158.sslip.io/assets/heroes/ 12 KB
12 KB 59ms
59ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/io-vert-adb7cf8bb8a21a5f14c027467855c22c225ce54e985eae9d7ee58339f2a6d559.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

27cfc8b4d7ccba405e43173bb20d48196a1fb4f2c5721b3e0014450652cc62aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100122-CHI, cache-fra-eddf8230140-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 254138
x-timer: S1719190347.515246,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 12250
x-cache-hits: 2, 23

GET
H2 200 chen-vert-badd001720b0e4d458a3f5a98e73bcfa8bcf35895ce483671570d0fd4144421a.jpg
49.12.208.158.sslip.io/assets/heroes/ 7 KB
7 KB 58ms
58ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/chen-vert-badd001720b0e4d458a3f5a98e73bcfa8bcf35895ce483671570d0fd4144421a.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

5e5758c3a8d1db29dbab00737e59d3d4513d1608838c5c09a8b9eeb222390ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100144-CHI, cache-fra-eddf8230122-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 1480220
x-timer: S1719190347.567257,VS0,VE0
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7244
x-cache-hits: 0, 2

GET
H2 200 oracle-vert-f1f75e21e7866dc57cae9f1c86b3dd33bf5a9dc97bd4905f09c653ca563940aa.jpg
49.12.208.158.sslip.io/assets/heroes/ 55 KB
55 KB 234ms
209ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/oracle-vert-f1f75e21e7866dc57cae9f1c86b3dd33bf5a9dc97bd4905f09c653ca563940aa.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

aea5c8379d3f95e2dfb2d44291df8fd57d090558190ef543105d486e32d0b506

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000026-CHI, cache-fra-eddf8230141-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 1481898
x-timer: S1719190347.618590,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 56085
x-cache-hits: 2, 10

GET
H2 200 dazzle-vert-0254612da2ee4c3b6092e4f94fea997beb14c48a08e0de406aad39594a9fa10c.jpg
49.12.208.158.sslip.io/assets/heroes/ 6 KB
7 KB 235ms
210ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/dazzle-vert-0254612da2ee4c3b6092e4f94fea997beb14c48a08e0de406aad39594a9fa10c.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

9c2ebe4c649ef164abaf181d404eb7fb5ecc45a3ab31dddc6714f75931bc0f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100135-CHI, cache-fra-eddf8230059-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 404588
x-timer: S1719190347.619545,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6437
x-cache-hits: 0, 3

GET
H2 200 disruptor-vert-4902183c68e409bafd0a81f7a996ba64c36a0189788f4b06c9a9a33a8a2df3d4.jpg
49.12.208.158.sslip.io/assets/heroes/ 6 KB
6 KB 235ms
211ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/disruptor-vert-4902183c68e409bafd0a81f7a996ba64c36a0189788f4b06c9a9a33a8a2df3d4.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

97c92acbfaff0a84aeb7a8f8f3dcb161fd7a371b7c94ccb7f062a2d63dc98228

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000159-CHI, cache-fra-eddf8230064-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 1482495
x-timer: S1719190347.619667,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5847
x-cache-hits: 1, 9

GET
H2 200 effigy-a8571fd194015d24e75d729920cfe5a00345f869fc294b7027f7472a32c65e27.jpg
www.dotabuff.com/assets/stock/ 177 KB
177 KB 62ms
35ms Image
image/jpeg 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dotabuff.com/assets/stock/effigy-a8571fd194015d24e75d729920cfe5a00345f869fc294b7027f7472a32c65e27.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b21ba756ac62b8771dcccbb00155285edf57a51848fb7a9ed6ff3273dbfc64bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100177-CHI, cache-cph2320030-CPH
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
age: 506137
x-timer: S1719190347.573509,VS0,VE1
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 181075
x-cache-hits: 8, 0

GET 68747470733a2f2f692e696d6775722e636f6d2f7a4937556d4a302e6a706567
riki.dotabuff.com/c/8cef2442f96caf7b785b16df1cb40da50a19a43f/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f653963393138313735653364326430666463376162396237636365646337633461323139626535342f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/9b046c87ee75b09986036e200572f4e756416b53/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f636164636161343961616464636161383764636361376432663463633330373938393130663936382f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/9f9592ccb1d3c4c5b36230c934119d6809658bc6/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f353434366461616138646461666464373664333966343938303161326632333132656462313064662f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/78fc4123384b83ec0b31f5ebe5b06a76771831e3/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f643266393061623038613735623135653235353265333739353632393531363938646261366138382f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/c9bfa70ef9adc2fcc225474b221ec93a9723757b/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f643336393366343166613539333231383534316134323436376162663233633862333236613633652f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/bcbdd6bda55f9aa883dd7f0782945c455f41ee4a/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f356132323836663765396430633935396463613730326230663130303437313561313665303135612f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/97933ca3e7fd4d211ae8a1c96e773d47097fba18/ 0
0

GET 68747470733a2f2f692e696d6775722e636f6d2f615863555362442e6a706567
riki.dotabuff.com/c/fd12ff1a862bbd23505d316f43651b0dbec45781/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f666462343165306330633765396330393064343637306136353965333738633830336138633264652f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/26d1155a970925ec1bababace590bfb807a77bb9/ 0
0

GET 68747470733a2f2f692e696d6775722e636f6d2f313466764e6e612e6a706567
riki.dotabuff.com/c/acbafb765b49a88810501721a66d655d48e73e00/ 0
0

GET 68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f386237306633646638333539326431353534363662626131363432633434616163346339346132322f36383734373437303361326632663639326536393664363737353732326...
riki.dotabuff.com/c/fbc51aa29d1ea3116c43ed4d84ee88d93717fe31/ 0
0

GET
H2

200

83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/83/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg
https://avatars.steamstatic.com/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg

12 KB
13 KB

132ms
53ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: afec6844c1f9df46cc190cf5a60f5eb642c5abaf7904d8ec2cc6e8c83478ddf0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Wed, 29 Mar 2023 21:53:48 GMT
server: nginx
content-md5: IDneSuaGJQIdRTn7u/iGfw==
etag: "0x8DB30A013A77500"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314475238
accept-ranges: bytes
content-length: 12683
expires: Sun, 11 Jun 2034 19:06:24 GMT

Redirect headers

location: https://avatars.steamstatic.com/83a9f6500e02dfada797aad1bc73e3f39f976eab_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 dark-willow-9725069d20655097a586dd0295cbb09213b140dc75df3daca8d09ef99d9742c6.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 234ms
211ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/dark-willow-9725069d20655097a586dd0295cbb09213b140dc75df3daca8d09ef99d9742c6.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

bb5d7cc858f24ede806cfb9e8e40f94f7e986fa6905750c5a780ba5f3aab874c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100178-CHI, cache-fra-eddf8230120-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483333
x-timer: S1719190347.619815,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2479
x-cache-hits: 2, 1490

GET
H2

200

372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/37/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg
https://avatars.steamstatic.com/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg

11 KB
11 KB

136ms
57ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cdf0b31e68b90ee721de38d3f061299ba5a31a0bff29da75fde8e530611adb3e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Sun, 23 Apr 2023 05:16:00 GMT
server: nginx
content-md5: Cx4EvfkhoVM21DmBeMsJZQ==
etag: "0x8DB43B9D3FFC34A"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315206796
accept-ranges: bytes
content-length: 10808
expires: Tue, 20 Jun 2034 06:19:02 GMT

Redirect headers

location: https://avatars.steamstatic.com/372145f462581be2f94874ce22def2c8b9f1e9df_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ember-spirit-f192b997db07ec6fa485ed6fca9cae92ad2d564252b45cb83f5405e3ae1d734c.jpg
49.12.208.158.sslip.io/assets/heroes/ 3 KB
3 KB 233ms
210ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/ember-spirit-f192b997db07ec6fa485ed6fca9cae92ad2d564252b45cb83f5405e3ae1d734c.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

a27d168f0f9fb86bb062f918a53cd7728c0503d0e66690a4673b47c14d601b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000025-CHI, cache-fra-eddf8230040-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483330
x-timer: S1719190347.619657,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2579
x-cache-hits: 2, 1472

GET
H2

200

5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/5d/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg
https://avatars.steamstatic.com/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg

18 KB
18 KB

86ms
50ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f859aa9868780d60b4640b686b744c66f481d17e846b280941ffd5feaeb3c92e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Wed, 04 May 2022 14:00:12 GMT
server: nginx
content-md5: kq6gmwp3urI+AVsHC6NV/w==
etag: "0x8DA2DD66852B493"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314975374
accept-ranges: bytes
content-length: 18549
expires: Sat, 17 Jun 2034 14:02:00 GMT

Redirect headers

location: https://avatars.steamstatic.com/5de370e841f9929c9050b6d2a645a8f6f772e075_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 phoenix-81afad7a42cb77f6943332c13b67123dfdeb018dd0a17c9fd24a524ed9c4e845.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 237ms
215ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/phoenix-81afad7a42cb77f6943332c13b67123dfdeb018dd0a17c9fd24a524ed9c4e845.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

82aa8fa178afedb02faa7ded7330f36bfffa4eddf5c0d4a9e3f0220e9b3f1d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100118-CHI, cache-fra-eddf8230089-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483333
x-timer: S1719190347.619953,VS0,VE0
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2308
x-cache-hits: 0, 1385

GET
H2

200

fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/fa/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg
https://avatars.steamstatic.com/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg

12 KB
13 KB

73ms
22ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fa0c822d6252feb8cc1a82f9f1c0da7ac6c15b02a024799578e76168ee258825

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Mon, 29 May 2023 00:32:52 GMT
server: nginx
etag: "454a534cd601681b37fc5ef985012c63"
x-guploader-uploadid: ADPycdvgw__Sj3JKHFQkxitYc1q0Ig12JTg-IL0mcnV8gAExCSkMCdv26jXylIO-KqOpWYzLXrHcsCqo_w
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313378310
accept-ranges: bytes
content-length: 12776
expires: Tue, 30 May 2034 02:24:16 GMT

Redirect headers

location: https://avatars.steamstatic.com/fa13b5ff87fbc4d73afae360ce3667ce7b5d0c62_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 doom-2ee7abeb6120e5cb185582e54326669ce03f6776fdf5d008db0cc3e60c4c259e.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 238ms
216ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/doom-2ee7abeb6120e5cb185582e54326669ce03f6776fdf5d008db0cc3e60c4c259e.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

571afc699e74bad0130236f230a6ec83e205618d53f6112b670d4e52d62dee74

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100141-CHI, cache-fra-eddf8230130-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483337
x-timer: S1719190347.624933,VS0,VE0
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2189
x-cache-hits: 0, 862

GET
H2

200

23fbee9836590ace850b97956e45e3a73367e343_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/23/23fbee9836590ace850b97956e45e3a73367e343_full.jpg
https://avatars.steamstatic.com/23fbee9836590ace850b97956e45e3a73367e343_full.jpg

12 KB
12 KB

77ms
39ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/23fbee9836590ace850b97956e45e3a73367e343_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 533ebcc29ef3c719938ae3ea51f45608db56d6a6678678b100d34b9d83c99f69

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Fri, 11 Mar 2022 20:18:29 GMT
server: nginx
content-md5: 3DHTNrwracPpDywpHx5pwA==
etag: "0x8DA039C4E520AD8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315246865
accept-ranges: bytes
content-length: 11894
expires: Tue, 20 Jun 2034 17:26:51 GMT

Redirect headers

location: https://avatars.steamstatic.com/23fbee9836590ace850b97956e45e3a73367e343_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 pangolier-3c85e65a2afda98f8ad44941031418179d75978dd808b5e40ea3527d83279703.jpg
49.12.208.158.sslip.io/assets/heroes/ 3 KB
3 KB 237ms
215ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/pangolier-3c85e65a2afda98f8ad44941031418179d75978dd808b5e40ea3527d83279703.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

d7ce5961088da592b76f7e2115b6652cbdb3da9ec9ba78d8e741b77190697633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000115-CHI, cache-fra-eddf8230049-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483333
x-timer: S1719190347.620088,VS0,VE0
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2569
x-cache-hits: 0, 1533

GET
H2 200 0412fc6ae94c2d34f9a9d186fb133499eef1de81_full.jpg
steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/04/ 16 KB
16 KB 344ms
92ms Image
image/jpeg 62.115.253.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/04/0412fc6ae94c2d34f9a9d186fb133499eef1de81_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.115.253.43 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a3b8a8d06230c634323e2516330d0ff18e280d5c4cf4a1eae09d2217e8e7d8a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Wed, 20 Sep 2017 19:19:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59c2bf52-4130"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314765166
accept-ranges: bytes
content-length: 16688
expires: Thu, 15 Jun 2034 03:38:32 GMT

GET
H2 200 keeper-of-the-light-d58dfd9830a80382d59c632cdf667e9b895ff2f1c7a68e82272060d56a608f96.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
2 KB 237ms
216ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/keeper-of-the-light-d58dfd9830a80382d59c632cdf667e9b895ff2f1c7a68e82272060d56a608f96.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

97ad12c98df4924afc311a8500d3a87060f1ba31f7596ad723f5fb4b1587e74d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000023-CHI, cache-fra-eddf8230114-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 337005
x-timer: S1719190347.621032,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2187
x-cache-hits: 4, 110

GET
H2

200

137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/13/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg
https://avatars.steamstatic.com/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg

15 KB
16 KB

115ms
35ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 47d2c3a1ec72542aeddd08dcbb1c29d206696b7198cae1127a0ecc80893bf19e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Tue, 11 Jun 2024 13:35:56 GMT
server: nginx
content-md5: EbpQ7YuUygwHEzZkWe3V6Q==
etag: "0x8DC8A1B6C2BC6A5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315081212
accept-ranges: bytes
content-length: 15767
expires: Sun, 18 Jun 2034 19:25:58 GMT

Redirect headers

location: https://avatars.steamstatic.com/137568e9a226b2e600aa9858df505e5e7a0b15f3_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

542cbbe086e471b040258dec7adbed8e07634060_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/54/542cbbe086e471b040258dec7adbed8e07634060_full.jpg
https://avatars.steamstatic.com/542cbbe086e471b040258dec7adbed8e07634060_full.jpg

8 KB
8 KB

103ms
23ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/542cbbe086e471b040258dec7adbed8e07634060_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2f959314b14a0423c004f840a0aee5c66fa3186e6e2473ddbcb75015c8566ba1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Thu, 21 Mar 2024 22:29:33 GMT
server: nginx
content-md5: bZ4C2I30oWGQd3UTTZ8qOQ==
etag: "0x8DC49F661EB43F9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315141558
accept-ranges: bytes
content-length: 8433
expires: Mon, 19 Jun 2034 12:11:44 GMT

Redirect headers

location: https://avatars.steamstatic.com/542cbbe086e471b040258dec7adbed8e07634060_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/46/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg
https://avatars.steamstatic.com/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg

15 KB
16 KB

104ms
25ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9f110c07b296784849f7ecb20cb889be918e0c5af31b0dff0521643b5a01bd8c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Fri, 09 Feb 2024 15:49:32 GMT
server: nginx
content-md5: LG+r/IpjcDRRoBPZ/MOKDA==
etag: "0x8DC2986B54167E5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313793474
accept-ranges: bytes
content-length: 15831
expires: Sat, 03 Jun 2034 21:43:40 GMT

Redirect headers

location: https://avatars.steamstatic.com/4608ac17f4a70861779b32aa72700cc52edb7acb_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/32/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg
https://avatars.steamstatic.com/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg

12 KB
12 KB

103ms
24ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 52ae7d46e8cb749fe03cf8f22bb4865ebf03526d061bb4463034d159e914aa59

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Fri, 01 Mar 2024 00:40:36 GMT
server: nginx
content-md5: uVApjdEm0r50bPV1U/0Yzw==
etag: "0x8DC3988362193A8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=313981779
accept-ranges: bytes
content-length: 11979
expires: Tue, 06 Jun 2034 02:02:05 GMT

Redirect headers

location: https://avatars.steamstatic.com/3215048e7ca118eae6886fcb84c1e98be9165ea1_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/af/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg
https://avatars.steamstatic.com/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg

12 KB
12 KB

94ms
42ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4814ed97f33e919328e8f7ce497ce451f5be208fd90580754e6318bc0c7e6df4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Sun, 12 Nov 2023 15:23:25 GMT
server: nginx
etag: "364eb458ae39872e4a90a5291a6e5ec6"
x-guploader-uploadid: ABPtcPoZob-t-OWUOrK2W1P4KptjfjyXKkZZgkhfZIrwcRIZufyRutK81TBA519spTcNRQw2BF1hNWVNKA
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314620089
accept-ranges: bytes
content-length: 12243
expires: Tue, 13 Jun 2034 11:20:35 GMT

Redirect headers

location: https://avatars.steamstatic.com/af200cd31755736d45871e5ae1af0c314ab3b89d_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/3e/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg
https://avatars.steamstatic.com/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg

9 KB
10 KB

100ms
20ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7c62aa88c6ecd693f09cb62b668c31395f56c1804c0f6586cdd97db83658c9d8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Sat, 12 Mar 2022 21:53:53 GMT
server: nginx
etag: "a5c5cba0047b585659f24767be9cc474"
x-guploader-uploadid: ABPtcPoQN1qyFI_HWem0cdubV5z6b4HdEMEyOhC2ymO1I-cFaHBbxQ4JzTI2gK5MWLKjn9InKw
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=312909546
accept-ranges: bytes
content-length: 9678
expires: Wed, 24 May 2034 16:11:32 GMT

Redirect headers

location: https://avatars.steamstatic.com/3eb22e5653a7f6765b2827890980c6745b2b98b2_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg
avatars.steamstatic.com/
Redirect Chain

https://steamcdn-a.akamaihd.net/steamcommunity/public/images/avatars/09/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg
https://avatars.steamstatic.com/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg

11 KB
11 KB

120ms
41ms

Image
image/jpeg

2a02:26f0:7100::1720:eedb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.steamstatic.com/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Server: 2a02:26f0:7100::1720:eedb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: db36a97b2b3f6332a88687f316dedf6db877ddd082c276c0a4dc51c197e74c42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
last-modified: Wed, 09 Mar 2022 23:58:40 GMT
server: nginx
content-md5: x57S/IgwGzjZfrDr+OMsYQ==
etag: "0x8DA0228BC041AE0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=314507652
accept-ranges: bytes
content-length: 11154
expires: Mon, 12 Jun 2034 04:06:38 GMT

Redirect headers

location: https://avatars.steamstatic.com/095fcfcfcfb5fadc7fc151bb131bd014bbb6c307_full.jpg
date: Mon, 24 Jun 2024 00:52:26 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 enigma-e9f773c5d0a97af9cda180ca1ddd2e48d2330bbb3f0e85bb1e987107f06b76d8.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 240ms
220ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/enigma-e9f773c5d0a97af9cda180ca1ddd2e48d2330bbb3f0e85bb1e987107f06b76d8.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

addea6f59b29078af54388e5c7d05b25c09cb2e9924723755a7b7a70644801be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000096-CHI, cache-fra-eddf8230149-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483338
x-timer: S1719190347.668822,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2400
x-cache-hits: 5, 1368

GET
H2 200 naga-siren-c4a0e5cabd6f433fd98195f603947d97ae5d44f8c9b7c6831cc1f8a2046655af.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
2 KB 230ms
219ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/naga-siren-c4a0e5cabd6f433fd98195f603947d97ae5d44f8c9b7c6831cc1f8a2046655af.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

87c3cc35fbbffd34add05b985abafdc8eb199eb2354d042043e37e267a67545f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100123-CHI, cache-fra-eddf8230031-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 325190
x-timer: S1719190347.668719,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1982
x-cache-hits: 4, 130

GET
H2 200 tiny-a92e2a4df75d02aa40bdfb4159b8b03277e17a8a720a1866c8af0cfb224be2b2.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
2 KB 232ms
221ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/tiny-a92e2a4df75d02aa40bdfb4159b8b03277e17a8a720a1866c8af0cfb224be2b2.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

162131e0df68104c9a66fc7a8eafb4fae3204122e4238dba3cd78507738a511c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000169-CHI, cache-fra-eddf8230139-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483330
x-timer: S1719190347.669113,VS0,VE0
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1987
x-cache-hits: 0, 630

GET
H2 200 mars-aa8952aa20812d3b0f395647a0a69ab760d52681500ed68d1dc297b74750ba88.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 228ms
219ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/mars-aa8952aa20812d3b0f395647a0a69ab760d52681500ed68d1dc297b74750ba88.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

2fb74fe27d74e1a6a5b1a009e4588ee0485a8489199f4d55bf68a853b866f92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000105-CHI, cache-fra-eddf8230050-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483330
x-timer: S1719190347.668765,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2294
x-cache-hits: 1, 166

GET
H2 200 lone-druid-8af24cf6dddc7688a858d1d8d9ef221005f1bf60a18ab4ad845e42ccc176b4bf.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 229ms
220ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/lone-druid-8af24cf6dddc7688a858d1d8d9ef221005f1bf60a18ab4ad845e42ccc176b4bf.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

beb27837e0b76785591f5d117695afa05ddbb13ff5a16d81298505ee80d78994

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000086-CHI, cache-fra-eddf8230095-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1476094
x-timer: S1719190347.668996,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2542
x-cache-hits: 8, 414

GET
H2 200 enchantress-c442c466256b83b7ccada55d6d1e10ca149fb4998962599a5242565239dba813.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 231ms
222ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/enchantress-c442c466256b83b7ccada55d6d1e10ca149fb4998962599a5242565239dba813.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

a84b49cb65aa4e5da6264f9abc2da34f0c62264a4334ddad87e87f97db09d236

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000156-CHI, cache-fra-eddf8230031-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483337
x-timer: S1719190347.669252,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2397
x-cache-hits: 4, 391

GET
H2 200 dark-seer-be8d4bded6ce5e2eaab5dce2171c4d7486f9c20c880583ff8e22eab9c1176894.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 228ms
223ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/dark-seer-be8d4bded6ce5e2eaab5dce2171c4d7486f9c20c880583ff8e22eab9c1176894.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

4c049e3f8b211af40fd9bb87dba501f41b59044e4ad810725fc26855a306ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000098-CHI, cache-fra-eddf8230022-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483334
x-timer: S1719190347.669099,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2437
x-cache-hits: 2, 1201

GET
H2 200 chaos-knight-b0314d29832b7493040cedc48a4f7b200d5c6050749bb0d0c75957afe24a7626.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
2 KB 229ms
224ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/chaos-knight-b0314d29832b7493040cedc48a4f7b200d5c6050749bb0d0c75957afe24a7626.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

ab966d624a98746d6cf26e0cd009c11a1e247c15d3ade71d06cfcf03ca0066fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-kigq8000110-CHI, cache-fra-eddf8230026-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483336
x-timer: S1719190347.669427,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2165
x-cache-hits: 6, 1243

GET
H2 200 juggernaut-6cc7933a02e14a65ad008c27be5bac57c1fd717f149409a79bb27ce35a2dc175.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 232ms
227ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/juggernaut-6cc7933a02e14a65ad008c27be5bac57c1fd717f149409a79bb27ce35a2dc175.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

5ace4f32c932a86b69173b854db3de00cd1425419f7c9ff0d824aad30b5ce1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100100-CHI, cache-fra-eddf8230121-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483338
x-timer: S1719190347.672103,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2427
x-cache-hits: 3, 1597

GET
H2 200 wraith-king-3c444b80dc6cbb45eec81af2856abce00528a7da87c20c45c8b033a41f699744.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 228ms
223ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/wraith-king-3c444b80dc6cbb45eec81af2856abce00528a7da87c20c45c8b033a41f699744.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

6dcc96485ff4c1db5e5f03227b31d11d3211f6ed389167f60a43b9d7ec90d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100066-CHI, cache-fra-eddf8230062-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483336
x-timer: S1719190347.669170,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2409
x-cache-hits: 3, 1099

GET
H2 200 pudge-9343ae6b0b146d7a1be2fd9d5fc7b69f2c64864ac9c017ce1ac0438baa7aa931.jpg
49.12.208.158.sslip.io/assets/heroes/ 2 KB
3 KB 226ms
221ms Image
image/jpeg 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/heroes/pudge-9343ae6b0b146d7a1be2fd9d5fc7b69f2c64864ac9c017ce1ac0438baa7aa931.jpg

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

1cf5d17618283039e7922f62c6b7b276e5924c1fdeb387143d07f4b1af66d8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100170-CHI, cache-fra-eddf8230072-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483337
x-timer: S1719190347.669158,VS0,VE0
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2289
x-cache-hits: 4, 1801

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 217ms
149ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 23 Jun 2024 23:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4283
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 24 Jun 2024 01:41:03 GMT

GET
H2 200 fontawesome-webfont-fa79d127baca4558a0b973f5f514b90fc5ef43314c41095f5cb285ffaa0a4029.woff2
49.12.208.158.sslip.io/assets/ 75 KB
76 KB 199ms
195ms Font
application/font-woff2 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/assets/fontawesome-webfont-fa79d127baca4558a0b973f5f514b90fc5ef43314c41095f5cb285ffaa0a4029.woff2

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css
Origin: https://49.12.208.158.sslip.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100039-CHI, cache-fra-eddf8230044-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483333
x-timer: S1719190347.670411,VS0,VE0
x-cache: HIT, HIT
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160
x-cache-hits: 1, 2677

GET
H2 200 flags-7f94eaf43df4667e9ca97165f32b16549e65ddc0efb9ed634e77b2e68ccea05d.png
49.12.208.158.sslip.io/assets/ 77 KB
77 KB 181ms
179ms Image
image/png 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://49.12.208.158.sslip.io/assets/flags-7f94eaf43df4667e9ca97165f32b16549e65ddc0efb9ed634e77b2e68ccea05d.png

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

741d041006cc84ccbd1e919d25e1474ff78865857cc2ad4ba7485683481087c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100116-CHI, cache-fra-eddf8230122-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483338
x-timer: S1719190347.673986,VS0,VE0
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78853
x-cache-hits: 4, 2123

GET
H2 200 icomoon-a54f3f5a779c6fa7a27968cf8f9d60af7ec21d88562adcc2248aca0bed2cb05c.woff
49.12.208.158.sslip.io/assets/ 2 KB
2 KB 162ms
162ms Font
application/font-woff 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/assets/icomoon-a54f3f5a779c6fa7a27968cf8f9d60af7ec21d88562adcc2248aca0bed2cb05c.woff?mqtm8s

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

83f7c999bc1c348f2c7e75e37015581d9bd032df977230ee68213ce03b8e2611

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/assets/application-37d11b03535bac46e3cd4dd659adb300e55f87f9d772162ade924c667f476b26.css
Origin: https://49.12.208.158.sslip.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100119-CHI, cache-fra-eddf8230024-FRA
date: Mon, 24 Jun 2024 00:52:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:20 GMT
server: nginx/1.26.1
age: 1483333
x-timer: S1719190347.790369,VS0,VE0
x-cache: HIT, HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2016
x-cache-hits: 1, 2694

GET _mastery_graph
www.dotabuff.com/ 0
0

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 148ms
36ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2832
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960880,VS0,VE2
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 2

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 146ms
35ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0&upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2182
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960687,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 146ms
36ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2832
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960924,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 2

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 146ms
36ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0&upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2182
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960904,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 2

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 145ms
35ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2832
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960685,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

HEAD
H2 200 favicon.ico
engage.elo.io/ 0
0 145ms
35ms Fetch
image/x-icon 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://engage.elo.io/favicon.ico?zoneid=*&ab=1&src=prebid_prebid_3.23.0&upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 varnish
age: 2182
x-cache: HIT
content-length: 2423
x-served-by: cache-cph2320048-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190347.960909,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 26ms
24ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=239207905&t=pageview&_s=1&dl=https%3A%2F%2F49.12.208.158.sslip.io%2F&dp=%2F&ul=de-de&de=UTF-8&dt=DOTABUFF%20-%20Dota%202%20Statistics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1937248374&gjid=408972235&cid=912210531.1719190347&tid=UA-34232227-1&_gid=1217681205.1719190347&_r=1&_slc=1&cd2=false&z=1829562215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

bc04539bc36395e36a0d4858f5ef7b052421f9d64f88a24197193854583d54df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 82ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PT3JLZNXYV&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a505a0df2a34819459d6f5e6827ab34c6fa2fa7951eaa8af9f5b3f42b9a917b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 00:52:26 GMT

OPTIONS
H2 200 d
attr-shift.dotabuff.com/ Frame 0
0 233ms
161ms Preflight 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/d?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://49.12.208.158.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
access-control-max-age: 7200
cache-control: public, max-age=300
content-length: 0
date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cph2320034-CPH
x-timer: S1719190347.069789,VS0,VE127

POST
H2 200 d Show response
attr-shift.dotabuff.com/ 21 KB
21 KB 164ms
163ms Fetch
application/json 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/d?upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d32b2472d0b563cb8efe79f6f8fd4301357de75f01fc1eeaf86a8b5203f26de0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-cph2320034-CPH
date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
x-timer: S1719190347.232161,VS0,VE130
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: *
x-cache: MISS
cache-control: private, no-store
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

POST
H2 200 d Show response
attr-shift.dotabuff.com/ 32 KB
32 KB 170ms
169ms Fetch
application/json 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/d?upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c7904ea9b1c172c24cd6912b7e015d87e4cbca28ad3d89649808b00e7c201479

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-cph2320034-CPH
date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
x-timer: S1719190347.231964,VS0,VE132
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json
access-control-allow-origin: *
x-cache: MISS
cache-control: private, no-store
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

OPTIONS
H2 200 d
attr-shift.dotabuff.com/ Frame 0
0 230ms
160ms Preflight 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/d?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://49.12.208.158.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
access-control-max-age: 7200
cache-control: public, max-age=300
content-length: 0
date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-cph2320034-CPH
x-timer: S1719190347.069865,VS0,VE127

POST
H2 204 v
attr-shift.dotabuff.com/ 0
92 B 161ms
161ms Ping
text/plain 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/v?upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-cph2320030-CPH
date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
x-timer: S1719190347.002206,VS0,VE127
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
x-cache: MISS
access-control-allow-origin: *
cache-control: private, no-store
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 80ms
26ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PT3JLZNXYV&gtm=45je46j0v9134509541za200&_p=1719190346914&gcd=13l3lPl2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=912210531.1719190347&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F49.12.208.158.sslip.io%2F&dp=%2F&dt=DOTABUFF%20-%20Dota%202%20Statistics&sid=1719190347&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=false&tfd=1121&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PT3JLZNXYV&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-d5ca7cfbf2ac980fd3c73099a6f0e904e1dcaafc0fd05834d45871745c6ca02c.png
49.12.208.158.sslip.io/assets/ 1 KB
2 KB 56ms
55ms Other
image/png 49.12.208.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://49.12.208.158.sslip.io/assets/favicon-d5ca7cfbf2ac980fd3c73099a6f0e904e1dcaafc0fd05834d45871745c6ca02c.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

49.12.208.158 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.158.208.12.49.clients.your-server.de

Software

nginx/1.26.1 /

Resource Hash

a6c9d750400872d536f8d3376a67851d3d5ee5a9b3d1beda17c66ab92ad62cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-chi-klot8100139-CHI, cache-fra-eddf8230059-FRA
date: Mon, 24 Jun 2024 00:52:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 06 Jun 2024 20:45:21 GMT
server: nginx/1.26.1
age: 1483337
x-timer: S1719190347.127450,VS0,VE0
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1371
x-cache-hits: 1, 639

GET
H2 204 choice.js Show response
cmp.inmobi.com/choice/kE_YTEQhq5e4s/sslip.io/ 0
325 B 137ms
61ms Script
text/plain 2600:9000:275b:a00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/kE_YTEQhq5e4s/sslip.io/choice.js?tag_version=V3
Requested by: Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:a00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA60-P7
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Miss from cloudfront
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Zp2fzpntT7MNZ4It9DYsOp6EkyJXVrjrJu4yBmIMOD9ANYNIWh3Pmg==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 49 KB
19 KB 97ms
35ms Script
text/javascript 2600:9000:236e:a400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e7e0407ef58a9674b7825a26a976ecf167caaa6c4f5da2a076a6349896181c42

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UlTIpqkF9BYJOUoBOYlW5ic7uta2lMikRbiVneM-Ney5E20X_HFm8Q==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160621/4130// 216 KB
65 KB 195ms
78ms Script
application/javascript 23.43.22.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160621/4130//pwt.js
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.22.118 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-22-118.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4d835449f17ec98cb538bcf33749f92bbc8c8a4cc4bbebaaa17fc03f87de5264

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:38:05 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=23478
accept-ranges: bytes
content-length: 66647
expires: Mon, 24 Jun 2024 07:23:45 GMT

GET
H2 200 520763a89d5cbcadd009736084.png
cdn.gin.bet/team/ 31 KB
31 KB 112ms
48ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/520763a89d5cbcadd009736084.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f80b6476c5859c05e317945dadeb67ed92f63a03e622a2d8f429ef072c0bd922

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:13:30 GMT
server: cloudflare
age: 1575759
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfd39bb0-FRA

GET
H2 200 522463d59cba2cb96180119623.png
cdn.gin.bet/team/ 17 KB
17 KB 92ms
29ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/522463d59cba2cb96180119623.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ee78b1ceb04ddb0301d668d93da270fc2282fe2c6b3fbfd16c8e9dda734df9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:14:10 GMT
server: cloudflare
age: 187656
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfcd9bb0-FRA

GET
H2 200 t96172648032af099b1996693680.png
cdn.gin.bet/team/ 2 KB
3 KB 112ms
49ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t96172648032af099b1996693680.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b588bfbf2d0fceb475ae099603b58c4629fd813803999011400d992775e841

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:16:00 GMT
server: cloudflare
age: 154594
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe29bb0-FRA

GET
H2 200 t9800865b20dff7cc47696409599.png
cdn.gin.bet/team/ 3 KB
3 KB 112ms
49ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t9800865b20dff7cc47696409599.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d00120335ca167067907692f94d5480c18ddb37d628cda5bcc194e98ab9d801

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:19:34 GMT
server: cloudflare
age: 245422
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe19bb0-FRA

GET
H2 200 t15412611d24d36c999390336365.png
cdn.gin.bet/team/ 29 KB
29 KB 112ms
49ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t15412611d24d36c999390336365.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf627cab2ef0f2e08702ca1bd15eb8e9e7fc9ba8ac01c94ab0fa98533b60362f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:05:29 GMT
server: cloudflare
age: 2139290
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe09bb0-FRA

GET
H2 200 t37672611d258985585106927381.png
cdn.gin.bet/team/ 5 KB
5 KB 92ms
29ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t37672611d258985585106927381.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a925e48f3b911d60d0fca690e2f53f01b616b90e9712f3eb16a14141ac1ffce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:05:45 GMT
server: cloudflare
age: 245422
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfce9bb0-FRA

GET
H2 200 t3593611d256fba9e0308941324.png
cdn.gin.bet/team/ 103 KB
104 KB 124ms
70ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t3593611d256fba9e0308941324.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b2d634d3c2712ba8d8333afb3dc64190196c63c17dd9cce7afc5f4757ea8741

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:05:43 GMT
server: cloudflare
age: 154594
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe69bb0-FRA

GET
H2 200 50px-Dota_2_default_allmode665ea78829b75850656930.png
cdn.gin.bet/team/ 5 KB
5 KB 101ms
48ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota_2_default_allmode665ea78829b75850656930.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 05:35:04 GMT
server: cloudflare
age: 154594
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfd29bb0-FRA

GET
H2 200 t911966285bb72159bd843526653.png
cdn.gin.bet/team/ 19 KB
19 KB 102ms
48ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t911966285bb72159bd843526653.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092865be2f097c5a91300a939a3296b6ba4cae64255199cd9e0ded653f139c70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:09:37 GMT
server: cloudflare
age: 543339
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfd09bb0-FRA

GET
H2 200 t99099660127ffa7703918098772.png
cdn.gin.bet/team/ 15 KB
15 KB 119ms
65ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t99099660127ffa7703918098772.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94b2779de18886067ef97e76bc53086b33712dcb4e215d56e6b6bfdad381345

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2024 07:30:07 GMT
server: cloudflare
age: 56968
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe59bb0-FRA

GET
H2 200 t361761528c711a9e6188045442.png
cdn.gin.bet/team/ 37 KB
38 KB 102ms
48ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t361761528c711a9e6188045442.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cdd28a29236094251a16ecfca5a4f11f1827b1c12965660f57d31717db9e3d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:07:20 GMT
server: cloudflare
age: 669013
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfcf9bb0-FRA

GET
H2 200 t9890265f3f8ffd53fb397645740.png
cdn.gin.bet/team/ 155 KB
156 KB 83ms
30ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t9890265f3f8ffd53fb397645740.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7469354cc70c28aa9b09535ad74a67d61dc696c017f628feddfb78b19d00c7ab

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Mar 2024 07:30:07 GMT
server: cloudflare
age: 1281345
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfca9bb0-FRA

GET
H2 200 t939296384475cddc91561109181.png
cdn.gin.bet/team/ 43 KB
44 KB 102ms
48ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t939296384475cddc91561109181.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77c1655c4a30a5c9a64fd1085b2793d49cd5c0c165f88747544af469d10d32fa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:13:19 GMT
server: cloudflare
age: 1060886
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38dfcc9bb0-FRA

GET
H2 200 t960426437af8019d4f688162715.png
cdn.gin.bet/team/ 22 KB
23 KB 102ms
49ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t960426437af8019d4f688162715.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0eeb8d0e497bcd3370483dc19612d0253bc194f9235f1d214b958dc37a60694

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:15:32 GMT
server: cloudflare
age: 409743
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffde9bb0-FRA

GET
H2 200 50px-Dota_2_default_allmode66744d1caceb7885802900.png
cdn.gin.bet/team/ 5 KB
5 KB 61ms
58ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota_2_default_allmode66744d1caceb7885802900.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Jun 2024 15:39:08 GMT
server: cloudflare
age: 292378
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffe89bb0-FRA

GET
H2 200 t982716634927f2d105264391763.png
cdn.gin.bet/team/ 357 KB
358 KB 60ms
58ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t982716634927f2d105264391763.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7369121d67641a7e9f23f655f6ded413ea3a4290c56c0b626927d6578675bb70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 07:30:07 GMT
server: cloudflare
age: 157722
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffea9bb0-FRA

GET
H2 200 t9567464cca902b3db3699726487.png
cdn.gin.bet/team/ 16 KB
16 KB 60ms
58ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t9567464cca902b3db3699726487.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9d6ea6bc282119adb7d13372a9c9a799d5c5237e59025a5070534c76990ead

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:16:38 GMT
server: cloudflare
age: 497336
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffeb9bb0-FRA

GET
H2 200 50px-Dota2_logo65f2a415ab615416025917.png
cdn.gin.bet/team/ 4 KB
5 KB 61ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota2_logo65f2a415ab615416025917.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f612029d0e065bfbacafe6a9d6b3f96b7a8ea215abfe3fe724fae58cbac7b0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Mar 2024 07:15:33 GMT
server: cloudflare
age: 59580
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffec9bb0-FRA

GET
H2 200 t100019666e947ae035c806766954.png
cdn.gin.bet/team/ 23 KB
23 KB 60ms
58ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t100019666e947ae035c806766954.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f7c09da2f37c94281db1d3ba64df5aa249e2458bf326fa42312ac8ca35418cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Sun, 16 Jun 2024 07:30:02 GMT
server: cloudflare
age: 115558
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffef9bb0-FRA

GET
H2 200 43px-AcatSuki_allmode64f5d1cd23c2f987302259.png
cdn.gin.bet/team/ 5 KB
5 KB 62ms
60ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/43px-AcatSuki_allmode64f5d1cd23c2f987302259.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983782836f96308180e87d6c9d99b972f7524da26df4582f499c3d10ca7f811e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:17:12 GMT
server: cloudflare
age: 154884
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff09bb0-FRA

GET
H2 200 t34830611d255a5272d546995397.png
cdn.gin.bet/team/ 14 KB
14 KB 61ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t34830611d255a5272d546995397.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1eb66e5d180fa7efaaa575676955a308b3bdef07a2974573d542fb21df7ed3f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:05:41 GMT
server: cloudflare
age: 157722
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff29bb0-FRA

GET
H2 200 t91321664312fd64104475259457.png
cdn.gin.bet/team/ 115 KB
116 KB 63ms
61ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t91321664312fd64104475259457.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82330fcdffb99f4688afe387eae9ee07a9c1e0dd2672dbe8d464995264bea4e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 14 May 2024 07:30:05 GMT
server: cloudflare
age: 157722
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff39bb0-FRA

GET
H2 200 50px-Dota2_logo65f6ef480315e545788069.png
cdn.gin.bet/team/ 4 KB
5 KB 60ms
58ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota2_logo65f6ef480315e545788069.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f612029d0e065bfbacafe6a9d6b3f96b7a8ea215abfe3fe724fae58cbac7b0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 13:25:28 GMT
server: cloudflare
age: 245422
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff49bb0-FRA

GET
H2 200 50px-Dota_2_default_allmode66744caa44ab2351777045.png
cdn.gin.bet/team/ 5 KB
5 KB 61ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota_2_default_allmode66744caa44ab2351777045.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Jun 2024 15:37:14 GMT
server: cloudflare
age: 245422
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff59bb0-FRA

GET
H2 200 t934256411740584d8b068084406.png
cdn.gin.bet/team/ 32 KB
33 KB 60ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t934256411740584d8b068084406.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892b29f08b97df3eac95baf03ca7c1a6f381b10ab9e4e8d46bfa1371bd6eddbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:15:04 GMT
server: cloudflare
age: 115623
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff69bb0-FRA

GET
H2 200 50px-Dota_2_default_allmode66744cae2bc11500901160.png
cdn.gin.bet/team/ 5 KB
5 KB 62ms
60ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota_2_default_allmode66744cae2bc11500901160.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Jun 2024 15:37:18 GMT
server: cloudflare
age: 154909
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff79bb0-FRA

GET
H2 200 t9469563c10887173b2631211915.png
cdn.gin.bet/team/ 28 KB
28 KB 60ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t9469563c10887173b2631211915.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e034cab5e9d9f211e4591f2a7e53a3449a6e198ec97ea55accbdb51dfb1c30e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:13:38 GMT
server: cloudflare
age: 60640
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fff99bb0-FRA

GET
H2 200 dota_generic_team_logo.png
attr-shift.dotabuff.com/ 4 KB
4 KB 35ms
34ms Image
image/png 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://attr-shift.dotabuff.com/dota_generic_team_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5f5daed58aa5f768f4aa45ba8bb5c12674903dbad221f21fb1ef6ad2f07e514d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 varnish
age: 2182
x-cache: HIT
content-length: 4087
x-served-by: cache-cph2320030-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190348.600897,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

GET
H2 200 t50848611d26bb32af4608468592.png
cdn.gin.bet/team/ 17 KB
17 KB 61ms
59ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t50848611d26bb32af4608468592.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d333485a7a328c6877fdce60f939af7344e366f2a1d13531bbaa3f82c858c5f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:06:10 GMT
server: cloudflare
age: 3094326
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fffa9bb0-FRA

GET
H2 200 600px-NoPing_e-sports_2021_allmode649885b1b6e65603129653.png
cdn.gin.bet/team/ 106 KB
107 KB 61ms
60ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/600px-NoPing_e-sports_2021_allmode649885b1b6e65603129653.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e7888910a81d130f3c594fd11c94a2c7916916b643642db916b4171b172478

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Feb 2024 09:16:13 GMT
server: cloudflare
age: 240167
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fffb9bb0-FRA

GET
H2 200 50px-Dota2_logo65fa1c99e04d0392439592.png
cdn.gin.bet/team/ 4 KB
5 KB 63ms
61ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota2_logo65fa1c99e04d0392439592.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f612029d0e065bfbacafe6a9d6b3f96b7a8ea215abfe3fe724fae58cbac7b0ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2024 23:15:37 GMT
server: cloudflare
age: 154909
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fffc9bb0-FRA

GET
H2 200 50px-Dota_2_default_allmode665ebeb7ea77b538818533.png
cdn.gin.bet/team/ 5 KB
5 KB 63ms
62ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/50px-Dota_2_default_allmode665ebeb7ea77b538818533.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Jun 2024 07:13:59 GMT
server: cloudflare
age: 154909
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fffd9bb0-FRA

GET
H2 200 t99161661f7a7f943d0399543480.png
cdn.gin.bet/team/ 47 KB
48 KB 62ms
60ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t99161661f7a7f943d0399543480.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fb52d53eaf0a054f420dd7a3a267553171b711899ab23461c4b9d3276e1780

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2024 07:30:07 GMT
server: cloudflare
age: 245422
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38fffe9bb0-FRA

GET
H2 200 t700356649aa7b90b24995985181.png
cdn.gin.bet/team/ 6 KB
6 KB 61ms
60ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t700356649aa7b90b24995985181.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018575d6e772d626ca4f547b905e21fd545293fb0da96316f37a362da984600e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Sun, 19 May 2024 07:30:03 GMT
server: cloudflare
age: 809848
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38ffff9bb0-FRA

GET
H2 200 t9912265f7ed7f974b9532942908.png
cdn.gin.bet/team/ 54 KB
54 KB 62ms
61ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t9912265f7ed7f974b9532942908.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69425bd4bc6357f3b08af43c0a1d20a77fc6299336f818be3099791eddbc69c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 07:30:07 GMT
server: cloudflare
age: 154911
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38f8009bb0-FRA

GET
H2 200 t980316654367ed9132365050426.png
cdn.gin.bet/team/ 14 KB
14 KB 62ms
61ms Image
image/png 2a07:180::8
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gin.bet/team/t980316654367ed9132365050426.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a07:180::8 , Belize, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1185a127a2a08b8d764fcbb44e72c6d4a40067de235e64d4f28f2d91a65cf555

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
cf-cache-status: HIT
last-modified: Mon, 27 May 2024 07:30:06 GMT
server: cloudflare
age: 416127
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 8988bc38f8029bb0-FRA

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 6 KB
2 KB 35ms
34ms Script
text/javascript 2600:9000:236e:a400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f287cb0446dfeffdb494cca31ccc4bb73f1918d86b933a836b5ab359b5e3c7c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Sh33oRfAJ2cMf0Jw7dxwgH0jSE4VSntu3pNyJ1iTgPGA6kmF-isTyg==

GET
H3 200 deflate.min.js Show response
live.primis.tech/main/js/ Frame 0492 13 KB
7 KB 33ms
33ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/main/js/deflate.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 09:50:08 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"64db4a50-3217"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lQ1_OULNWfnsuCcUuB6wM_t4BvuThsuRW59bWyJm8m4-YSD2CLtbfQ==

GET
H3 200 omweb-v1.min.js Show response
live.primis.tech/content/omid/static/ Frame 0492 39 KB
20 KB 34ms
33ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/omid/static/omweb-v1.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 08:33:05 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"64d0ac41-9c3c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: W4wbBaB2fd-7spuUraZ75OiYq_o5MyZzOPgXDO9u3XtQRywkEXnK1A==

GET
H3 200 omid-session-client-v1.js Show response
live.primis.tech/content/omid/static/ Frame 0492 64 KB
20 KB 54ms
53ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/omid/static/omid-session-client-v1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 08:33:05 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"64d0ac41-1013e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: A2QeiCFv4D8fuE3Ndy18LxJWnnK7RLnFzAiGeCSbv8apc90sl9UWog==

GET
H3 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame 0492 19 KB
8 KB 55ms
54ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sXFz6F8yeS8bQ5Uq25YJwLsMQTQlKRSsr3Zoot37fgzBlfN-EA5Fzw==
expires: Tue, 24 Jun 2025 00:52:26 GMT

GET
H3 200 DetectGDPR2.v1.4.js Show response
live.primis.tech/content/ClientDetections/ Frame 0492 9 KB
4 KB 34ms
33ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.4.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e9841498d7693ad1625faaad6aa2312fbd9d5139fea5750cd32325f7f4c097ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Sun, 17 Mar 2024 18:40:03 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"65f73903-251c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u2bz2aTO7CvuzwYT22t4hKmEZcvmVgSNn3v0mDQSJPp9bLSrjkjtaQ==
expires: Tue, 24 Jun 2025 00:52:27 GMT

GET
H3 200 DetectGDPR.v1.2.js Show response
live.primis.tech/content/ClientDetections/ Frame 0492 8 KB
3 KB 56ms
54ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.2.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: c0a8661cc5f834fabfe540b41a9b5de58b22e6cff5b54ef92f7365540618b9c5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 11:17:52 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"65802a60-2136"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: paGMRDPuBcKdCIVXiFBfSLtOKSrCMA9twtRdAuKagt5fUQ4ZJabw7Q==
expires: Tue, 24 Jun 2025 00:52:27 GMT

GET
H3 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame 0492 258 KB
115 KB 34ms
34ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VJTmXoQlfbh7ilJ3Fd3EU0RCqzOKWFMLCbrQcB6LfNaY8BN4EB1DZw==
expires: Tue, 24 Jun 2025 00:52:27 GMT

GET
H3 200 pal.js Show response
live.primis.tech/content/pal/ Frame 0492 140 KB
68 KB 58ms
57ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/pal/pal.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 678f12cbea984230dc14c0ea0335a149919c34428144e2e80ff951bc49b6e5ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Sun, 14 Jan 2024 11:28:39 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"65a3c567-22ffe"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: STEba8VHF0hWm7n3yk4n6AgMImlFm3mj6FWo61uzmJL29ePOgxF8DA==

GET
H3 200 prebidVid.7.16.0_28.min.js Show response
live.primis.tech/content/prebid/ Frame 0492 553 KB
277 KB 57ms
56ms Script
application/javascript 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6a5f4fe28c7299a1a30a89c39b64304b3f94341d0c104b5ae50918a395dc1278

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Sun, 16 Jun 2024 10:34:33 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"666ebfb9-8a2b1"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ObVdcLRcbqdcWlkzzpHpj3Dy-l3yWwbzGwOCTI9p3vulC2oOwu3Glg==
expires: Tue, 24 Jun 2025 00:52:27 GMT

GET
H3 200 liveVideo.php Show response
live.primis.tech/live/ Frame 0492 651 KB
260 KB 83ms
82ms Script
text/html 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105614&subId=home-sidebar&cbuster=1719190347&pubUrlAuto=https%3A%2F%2F49.12.208.158.sslip.io%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7dc448042136d529e9fd63630c574efd863619346cc273e450e5cb6cca39104c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:26 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u236BMcZpeP9DjHwCzF4r1ZHOVrHnRP6csQs5N64Xgm3RTuBU-w-FA==

GET
H3 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 34ms
33ms Stylesheet
text/css 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 09:00:57 GMT
server: nginx
x-amz-cf-pop: FRA60-P1
etag: W/"656ee6c9-47bd"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8vTwJvzX6q6NM3E9cXTUz9B9cQHgyO3HhDgYOlJytsPmZgoRFxNlYg==

OPTIONS
H3 204 integrator.json
pubads.g.doubleclick.net/adsid/ Frame 0
0 118ms
65ms Preflight
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/adsid/integrator.json

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-afma-token-requester-type
Access-Control-Request-Method: GET
Origin: https://49.12.208.158.sslip.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-afma-token-requester-type
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://49.12.208.158.sslip.io
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 24 Jun 2024 00:52:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0492 308 KB
76 KB 96ms
24ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:35:26 GMT
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1022
x-amz-server-side-encryption: AES256
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Bt__1SR0ibIfaH6rVD3HYjQUy9Qe_DwpRq9ROpT0090W-VYUYXAWBA==

GET
H2 200 css
fonts.googleapis.com/ Frame 1D35 2 KB
1018 B 75ms
28ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: 49.12.208.158.sslip.io
URL: https://49.12.208.158.sslip.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 23 Jun 2024 23:54:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 00:52:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 781 B
459 B 67ms
29ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 00:45:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 00:52:27 GMT

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 2 B
369 B 49ms
49ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTQlOCZ5PTMlOSZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5MDMzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 22
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: 3HIZfwMgb2qVxebTubvlwA6wvOREOdyhR7jKuWYiJDMrtL87WcE2SQ==

GET
H3 200 integrator.json Show response
pubads.g.doubleclick.net/adsid/ Frame 0492 15 B
58 B 68ms
28ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/adsid/integrator.json

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-afma-token-requester-type: requester_type_9

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://49.12.208.158.sslip.io
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0492 11 KB
9 KB 72ms
33ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?tid=pal&tv=1.0

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

066a3d3e2a91027742bab4ad215f244cf796dac7feac4ccbd610ceac28725cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8737
x-xss-protection: 0

GET
H3 200 liveView.php
live.primis.tech/live/ 0
344 B 35ms
34ms Image
text/html 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTpkOTE5MDM0NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1NwE0JaN0YT0jJat9NDI4Jax9MmI5JaZcZF9jYXNmRG9gYWyhPTQ5LwElLwIjOC4kNTthp3NfnXAhnW8zp3VvSWQ9nG9gZS1mnWRyYzFlXmQ5LwElLwIjOC4kNTthp3NfnXAhnW8zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwM0MxQmMDM2MxQmMwM0NUYmMDMmN0Q3QwpmMmEmNTM0MmAmNTM2MmtmMDqEN0I0MmM1Mmp3RDqCNTM2MTQ3Mmx3NDVBNTMmMTqBNwE1NmUlNxM1OTZENDY3OTU4N0E1MTM1NEM2QTQ1Nmx0QmZBNDx3NmRGNDMmNDp4NEU1NDY3NmU2MmMmNEU3MmYkNTt0MTp1NwE1NmM4M0Q3RDqCNwI2MmY4NmI2RwZENwU3RDqCNmE2NDY1NmM2Qwp0NxY3MDqEN0I2Rwp3Nwx2RTY0NxY3NmpmN0Q3QwU4MmQmMwM4N0Q3QwU5MmMmMwM5N0Q3QwY2MmE3RDqCNEMmOTMmMmImMTqERxVGRSZxnWFcZD0zqXNypxyjQWRxpw0lMDAkJTNBMWI2MCUmQTIyM0ElNDAyM0EmMwQ3JTNBJTNBMTAzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTI2LwAhMC4jJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02Nwp4YmM0YzE2OTxjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MTxkOTAmNDp4OTQzqWyxPVNyn2yhZG9TUGkurWVlNwY3OGMmNGJvOWVwYlZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZCZjrGyxPTM4NmBxZTIkYTFyNGQ4ZGZzNTVvMzVxZzVxNmpjNzFx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RCB9CHihwXvtZ309VP_CsWKadiVkz_FZvLn9DVFd-QfEYqeX5Orqig==

GET
H2 200 vid649428fa4ef0d009628054.jpg
video.primis.tech/uploads/cn10/video/users/converted/24508/video_60055e22a25b3703785015/ 17 KB
18 KB 100ms
21ms Image
image/jpeg 2600:9000:2491:8a00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn10/video/users/converted/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.jpg?cbuster=1687431450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9fe89323bd7d8b35e19798754e4ca45a2cb14fdfa22ec11120019463b550c086

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 07:45:30 GMT
via: 1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront), 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2, FRA56-P7
age: 61617
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17385
last-modified: Thu, 22 Jun 2023 11:01:51 GMT
server: nginx
etag: "7c03c5fdc617383581a787b8c5b25393"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: HaJ4rAub7TXY6Bmo-3RA7awPdSAFgZy96VTR3JH5OVJKwrcaUoVOig==
expires: Mon, 24 Jun 2024 07:45:30 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://elo-io.videoplayerhub.com/videoplayer.js
https://btloader.com/tag?h=elo-io&upapi=true

55 KB
19 KB

72ms
28ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=elo-io&upapi=true
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51b0d08f23d6d1d7598d5a2a073ff1056562dd265a3937585aeba2d787f5aa5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 24 Jun 2024 00:50:21 GMT
server: cloudflare
age: 87
etag: "a5e8710743e87907d6998a37d6856015"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8988bc3b7e10085a-FRA
content-length: 18711

Redirect headers

date: Mon, 24 Jun 2024 00:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yr7oYXDgv3HBG%2FRgOO%2BKqj6gdxeH81wtYGiHj2nBP7SncTeJZeTE%2BeH9qYdmJgaayHsKRhUNIoWrwl%2BBOmIFz20uiINGjLIiOCkczDvXBeRrlzcBJDYRmemBv0axYxR0Qs%2FdjQuBXSnXir4zvd3qtAnY3tcsj2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=elo-io&upapi=true
cache-control: max-age=3600
cf-ray: 8988bc3ae9593733-FRA
content-length: 167
expires: Mon, 24 Jun 2024 01:52:27 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 88ms
34ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e74137976d56696de669d08e88c6f9ba1cca019428501335b251a91ae44ff672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31468
x-xss-protection: 0
server: cafe
etag: 745 / 19898 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jun 2024 00:52:27 GMT

GET
H2 200 latest.js Show response
static.kueezrtb.com/js/ 57 KB
27 KB 78ms
29ms Script
application/javascript 2606:4700:10::6816:237b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kueezrtb.com/js/latest.js?_=1719190347920
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f43a59271ca03094b0eaa318b26a7b8a35517a37862514ee3a324dd4101f8f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 May 2024 11:15:15 GMT
server: cloudflare
x-amz-request-id: 9HMY7BCRG6NM648S
age: 307293
etag: W/"3c0ea4960f3c69bbde4cd5cd58f49738"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
cf-ray: 8988bc3aefb79054-FRA
x-amz-id-2: qSX1foOgMOtpH0mc6D2YTe1r3UfxYf4db6y72/2uoOkVbDeycN3+2NWZdcMiFAlfOCGVpYH398o=

GET
H2 200 pb.js Show response
attr-shift.dotabuff.com/ 446 KB
135 KB 35ms
34ms Script
text/javascript 199.232.198.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://attr-shift.dotabuff.com/pb.js?upapi=true
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/cargo.js?upapi=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f20d7f217d790da494d8650f43f8eb037356ad3b0cfe2c0f2fd0ceb62219807e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 varnish
age: 870
x-cache: HIT
content-length: 137650
x-served-by: cache-cph2320030-CPH
last-modified: Wed, 05 Jun 2024 12:28:26 GMT
x-timer: S1719190348.935480,VS0,VE1
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Content-Length, Content-Type, X-Engage-Path
x-cache-hits: 0

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 46 KB
8 KB 53ms
52ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTQlOCZ5PTI0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NDxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 80311e96e7352e0be1854ef87e4d655af2fa691da6001636d0671ef0cef3e842

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 7648
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: Q4JzfSzbaEa6MAFxkxMg9aAV1A_nBzlEx4BhSPJZjjd6uJV3SfIBkA==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 2 B
369 B 46ms
45ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTQlOCZ5PTI0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NDxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 22
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: LhyFQNBXyU-Eky4cXMmwD2Jb0qVLmR-5s4x3OVenurEs1LfSFsXrPQ==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 2 B
369 B 51ms
50ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTQlOCZ5PTI0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NDxzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 22
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: sWT7X5Xn4FRHIPItgbcaAp_dX1pVLPMpiZwToGPzhq3wCfBK0jKR6w==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 46 KB
8 KB 53ms
50ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTQlOCZ5PTI0MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: d1193db8f771e2decd7f6eb85d285ee2bc0a56414457742eb748f4aac887b97d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 7645
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: gqH5974oFHQaWIuE182LeeeohSkfQ7EkRiKDbGCSKS6h5VzR7rWApw==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 46 KB
8 KB 53ms
51ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTMzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTM1MCZ5PTE5NlZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a86c4e6d1de0285e191cb8721d31b9aaaf8b7809dd36715ed9fe15bfcea72d73

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 7642
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: DghumXW0FZrwex_hvMTdYR5EjcO0ec8dYrn5_3p9CKA9Oks1puoydA==

GET
H3 200 liveView.php Show response
live.primis.tech/live/ Frame 0492 54 KB
8 KB 54ms
52ms XHR
application/json 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTAyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwQ1MDtyMxZ2nWRyo182MDA1NWUlMzElNWImNmAmNmt1MDE1JTJGqzyxNwQ5NDI4ZzE0ZWYjZDAjOTYlODA1NC5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFq0jmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TxRVq09DOTJuV1JfYwE4Mx1EQTFOV1V5TW1FrU5XSXcOrxF6TacaMU1ERTFMM1cjWxRZME9UUXyPR1cbTxqWoU1HUXqNRGflTWcaq05UUXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOrxU1TUReq01EQXqMQW9aSUNBZ0ygVwRwQ0x2SURFM01Un3yPRFy4TxRBS2ZRLxFmUzgQS252OVcLZzgXrwRWOXc2OW8jpXZ6ZXt1ZVqJOWuzMzRjZ0VNVFUzqzyxX2NioaRyoaRsnWQ9MmM1MmxlNvZ2nWRsY29hqGVhqF9xZXNwPU1ipzUepzVaqWkupvg5ZWFlLXJiqW5xK3VjZGF0ZXMeo24eqGuynXIeq2F5K2ZipvgEo3RuKmIzqzyxX2NioaRyoaRsqGy0oGU9TW9lZSglZWq1oGFlK3yyYXIgpz91ozQeqXBxYXRyplgiovg0nGVcpvg3YXxeZz9lK0RiqGEeMvZ2nWRsY29hqGVhqF9xqXJuqGyiow02MSZjoGFwZW1yoaRTqHJyYW1UrXByPTEzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD04NDY1JaBfYXyypxyhp3RuozNySWQ9MTYkNTpmMwU3MDYlMmx1NDE1NCZ4PTM1MCZ5PTE5NlZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmQlRDMjMmYlRDMlMmQ1RwMjMmM3RDqCNmMmMTM1MmQmMDM1MmYmODMjN0Q3QwQmMmUmNmqEN0I1MmYkNDpmOTp0NUE1MmMkN0E2MTU3NTI2QmU5NxQ0Nwp5NTt3QTUkMmU0QmZBNDU3OTRDNxE0OTp3NEY0MmM0Nmt0RTU0Nwp3NTYmMmM0RTpmNwE1ODQkNmU2MTU3MmtmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMlMmt3RDqCNTxmMmMlMmx3RDqCNwYmMTqEN0I0QmM5MmMmMwMkN0RGRUZFJzFjpE5uoWU9JzymQXBjPTAzYXBjSWQ9JzRcYWyxPSZupHBCqW5xoGVJZD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzYXBjU3RipzVVpzj9JzFjpFBlnXZuY3yQo2kcY3x9JzFjpEymUGFcZD0zYXBjVzVlp2yiow0zp2Reqw0zYXBjRGV2ZWkipGVlPSZaZW9MYXRcPTUkLwI5OTMzZ2ViTG9hZm05LwQ5MSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTI2LwAhMC4jK1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zYXZunWkDYW1jYWyaoaM9JzymQXBjSaM9MCZwp3V1nWQ9NwY3OGMmNGJuNwx5MCZwYaVmqGVlPTE3MTxkOTAmNDp5NTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032342D30362D32345F30337D7B7331353430353638307D7B4335377D7B53614739745A53317A6157526C596D4679587A51354C6A45794C6A49774F4334784E54677563334E73615841756157383D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583432387D7B593332397D7B66317D7B4C393332317DFEFE&userIpAddr=2001%3A1b60%3A2%3A240%3A3247%3A%3A10&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=off&isDoublePreroll=0&autoSkipVideoSec=20&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1719190347&csuuid=6678c34ba6990&debugInfo=15405680_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15405680&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2111mysovphz&secondaryContent=&x=428&y=329&pubUrl=https%3A%2F%2F49.12.208.158.sslip.io%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=1&impGap=1&flow_width=350&flow_height=197&videoType=flow&isOriginImg=0&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=9321&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=home-sidebar&appName=&appBundleId=https%3A%2F%2F49.12.208.158.sslip.io%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: fb2fc077500045af95282868c49b05a0f2adbf107adcddcc83a2c202eae786af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
content-length: 8142
pragma: no-cache
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: TZd0hP2z0M7C-mPrU3cX-moJ24Y2bFJ0fKk_n-TbIrmb0roqFDUEtg==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 73ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://49.12.208.158.sslip.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:10:06 GMT
x-content-type-options: nosniff
age: 466942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 15:10:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D35 15 KB
15 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://49.12.208.158.sslip.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options: nosniff
age: 468549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:43:19 GMT

GET
H2 200 xdEizrWJ.js Show response
tpc.googlesyndication.com/sodar/ Frame 0492 41 KB
15 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/pal/pal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 08:51:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15273
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 08:51:20 GMT

GET
H2 200 vid649428fa4ef0d009628054_thumb.jpg
video.primis.tech/uploads/cn10/video/users/converted/24508/video_60055e22a25b3703785015/ 3 KB
3 KB 23ms
22ms Image
image/jpeg 2600:9000:2491:8a00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn10/video/users/converted/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054_thumb.jpg?cbuster=1687431450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a4d49258ae5659a796d9aeb34e86f0ccd6f8e1795cd1d6197603ed8e5411bc88

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 09:18:52 GMT
via: 1.1 d439433d975e4e608c1677c8e16e7fe2.cloudfront.net (CloudFront), 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2, FRA56-P7
age: 56016
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2601
last-modified: Thu, 22 Jun 2023 11:01:53 GMT
server: nginx
etag: "3b2819b4ec69f2daea60c204ec18aa7c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 1po2vSoU2VMwp7zKRw2CkIg91DijghAChP-EJCBIMhYcQOvAsQ1hsQ==
expires: Mon, 24 Jun 2024 09:18:52 GMT

GET
H2 200 vid64fcf8508c858413676622_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/28307/video_60978e78b6d52638342077/ 2 KB
3 KB 22ms
21ms Image
image/jpeg 2600:9000:2491:8a00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/28307/video_60978e78b6d52638342077/vid64fcf8508c858413676622_thumb.jpg?cbuster=1694301370
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 02b4e5154bbb6d67308a477042e6d671eaec1b22179599558235b83c68e7b1f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 11:59:53 GMT
via: 1.1 4a21175361a1e842a337986b5f7399aa.cloudfront.net (CloudFront), 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2, FRA56-P7
age: 50220
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2121
last-modified: Sat, 09 Sep 2023 23:16:11 GMT
server: nginx
etag: "184c39dd25f73bf01fa9a8d9c312ce99"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: YekA0irmwHEkcRG4Zth4geJzyL1XQ3rVyJJM4YwjzY3poK2hgbAk2g==
expires: Mon, 24 Jun 2024 10:55:28 GMT

GET
H2 200 vid660a63c168854949249909_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31609/video_6602d683a5b1f449367674/ 7 KB
8 KB 36ms
35ms Image
image/jpeg 2600:9000:2491:8a00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/31609/video_6602d683a5b1f449367674/vid660a63c168854949249909_thumb.jpg?cbuster=1711957446
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 04a8e81db01d3f86384c3994c9dba27dd2bcd551d1a66b6da191c18b4b8138a1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:16:36 GMT
via: 1.1 5893c71b6cde828b408a700f9c0673b0.cloudfront.net (CloudFront), 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2, FRA56-P7
age: 38169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7231
last-modified: Mon, 01 Apr 2024 07:44:07 GMT
server: nginx
etag: "e67690234ef801f25f5e2fd59b4718bf"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: OikV5-kCdfpO1Pc8n8cndacR4dHNNmW61mtL2p43n0F1n8VoxfMeRA==
expires: Mon, 24 Jun 2024 14:16:18 GMT

GET
H2 200 vid66780ab0d0bea070682664_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/31590/video_656888c94214f045387718/ 2 KB
2 KB 22ms
22ms Image
image/jpeg 2600:9000:2491:8a00:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/31590/video_656888c94214f045387718/vid66780ab0d0bea070682664_thumb.jpg?cbuster=1719143091
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 99c5847bb5e580d12552fe4c7fc01a666f9e6f4054386bddeeb4efb19525adbd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 13:21:05 GMT
via: 1.1 1bf457d3d7fed552451c3ab5896fde02.cloudfront.net (CloudFront), 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2, FRA56-P7
age: 41482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2028
last-modified: Sun, 23 Jun 2024 11:45:12 GMT
server: nginx
etag: "da7d85230625d00f1ce42962de733367"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: IScPGqe--P7tzXBLtm7YDJ8D9eNL6_akTlhw8cerll76fnu8tRtwWQ==
expires: Mon, 24 Jun 2024 13:21:05 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0492 6 KB
3 KB 66ms
26ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 09:05:56 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 56793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2re2NmSp_nzhiBu--xGH5mJf_KFosg8MPre5Ciob8Zsfm5gUnPuojQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 308 KB
0 96ms
24ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: attr-shift.dotabuff.com
URL: https://attr-shift.dotabuff.com/pb.js?upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:35:26 GMT
content-encoding: gzip
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1022
x-amz-server-side-encryption: AES256
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Bt__1SR0ibIfaH6rVD3HYjQUy9Qe_DwpRq9ROpT0090W-VYUYXAWBA==

GET
H2 204 dye
track.kueezrtb.com/ 0
62 B 128ms
119ms Image
text/plain 2606:4700:10::6816:237b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=3a1e2d4efdc0660d&sid=9baeca92cee5d06c&pvi=e8daa5896d3a8693&h=49.12.208.158.sslip.io&wh=1600x1200&b=Chrome&bv=126.0.0.0&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2F49.12.208.158.sslip.io%2F&sr=1600x1200&type=latest:preinit&_=1719190348136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8988bc3bf81e9054-FRA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 147ms
137ms Image
text/plain 2606:4700:10::6816:237b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=3a1e2d4efdc0660d&sid=9baeca92cee5d06c&pvi=e8daa5896d3a8693&h=49.12.208.158.sslip.io&wh=1600x1200&b=Chrome&bv=126.0.0.0&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2F49.12.208.158.sslip.io%2F&sr=1600x1200&type=latest:preinit&_=1719190348136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8988bc3bf8209054-FRA

GET
H2 204 dye
track.kueezrtb.com/ 0
31 B 128ms
119ms Image
text/plain 2606:4700:10::6816:237b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.kueezrtb.com/dye?ac=2&acm=G3L&uid=3a1e2d4efdc0660d&sid=9baeca92cee5d06c&pvi=e8daa5896d3a8693&h=49.12.208.158.sslip.io&wh=1600x1200&b=Chrome&bv=126.0.0.0&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2F49.12.208.158.sslip.io%2F&sr=1600x1200&type=latest:noop&_=1719190348136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8988bc3bf81d9054-FRA

GET
H2 204 dye
gtrack.kueezrtb.com/ 0
31 B 150ms
141ms Image
text/plain 2606:4700:10::6816:237b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.kueezrtb.com/dye?ac=2&acm=G3L&uid=3a1e2d4efdc0660d&sid=9baeca92cee5d06c&pvi=e8daa5896d3a8693&h=49.12.208.158.sslip.io&wh=1600x1200&b=Chrome&bv=126.0.0.0&dev=&os=Windows%2010&p=&uri=%2F&furl=https%3A%2F%2F49.12.208.158.sslip.io%2F&sr=1600x1200&type=latest:noop&_=1719190348136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:237b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8988bc3bf81f9054-FRA

GET
H2 200 0eec04d1-9e6a-416c-af5d-b8b143f251bd Show response
config.aps.amazon-adsystem.com/configs/ 563 B
839 B 123ms
21ms Script
application/javascript 18.245.31.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/0eec04d1-9e6a-416c-af5d-b8b143f251bd
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-9.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e6c1d703aa6c715db08ad3c187fe3daf929d96cb055d60343a086e2144a357b3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:31:50 GMT
via: 1.1 f36453eb82bc9ab0c6e360ac52cc5972.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 1238
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: Jfi0Q5sgNxn_l-qLRewlfBER1UUL5Nk4YkkqKpxmVO8qt0d4RZoEkA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 119ms
118ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2F49.12.208.158.sslip.io&pubid=0eec04d1-9e6a-416c-af5d-b8b143f251bd
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:27 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: LraReiGzeVdCTvJ6S_JQQEysrT5Pnf06bYtXYYWPgszzUuHb8wST6A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
0 0ms
0ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 09:05:56 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 56793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2re2NmSp_nzhiBu--xGH5mJf_KFosg8MPre5Ciob8Zsfm5gUnPuojQ==

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 0492 184 B
492 B 133ms
20ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 54c1374b67330956156e1020fc12df1485f8f188bb8cfb4d49747d7d20ea7436

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/3.2.0
vary: origin
Content-Type: application/json
access-control-allow-origin: https://49.12.208.158.sslip.io
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 173
Expires: 0

GET
H2 200 avjp Show response
elo-d.openx.net/v/1.0/ Frame 0492 106 B
512 B 115ms
39ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://elo-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2F49.12.208.158.sslip.io%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4eb0d75e-025a-4e2b-a7d8-ea891cbb466b&nocache=1719190348176&gdpr=0&pubcid=cb03d3c6-91bd-4764-9396-c003cd70bbbe&auid=545685409&vwd=428&vht=241&aucs=adUnit_1&aumfs=1200
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:28 GMT
via: 1.1 google
server: OXGW/0.0.0
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 liveInternalSsp.php Show response
rtb.primis.tech/live/ Frame 0492 25 B
516 B 678ms
667ms XHR
text/html 2600:9000:236e:a400:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22comp%22%3Afalse%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E0MwtyMxMyMwJbZWyanHQyMwIyM0ElNDEyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMzyjJTIlJTNBJTIlMwAjMSUmQTFvNwAyM0ElJTNBMwQjJTNBMmI0NlUmQSUmQTEjJTIlJTJDJTIlZ2ViSWQyMwIyM0E1NlUlQlUlMzFfpGuuMxqyolUlMvUmQSUlMxRFJTIlJTJDJTIlZGV2nWNyqHyjZSUlMvUmQTIyMxMyMwJ0rHREZXZcY2V0rXByJTIlJTNBJTIlZGVmn3RipCUlMvUlQlUlMzJlo3qmZXIyMwIyM0EyMwJwnHJioWUyMwIyMxMyMwJiplUlMvUmQSUlMyqcozRiq3MyMwIyMxMyMwJ0rHRPplUlMvUmQSUlMaqcozRiq3MyMwIyMxMyMwJxZXZcY2VNo2RyoCUlMvUmQSUlMvUlMvUlQlUlMz9mVzVlp2yiovUlMvUmQSUlMwEjLwAyMwIyMxMyMwJxZXZcY2VNYW51ZzFwqHVlZXIyMwIyM0EyMwIyMwIyMxMyMwJxZXZcY2VDo2RyTzFgZSUlMvUmQSUlMvUlMvUlQlUlMaVmZXJBZ2VhqCUlMvUmQSUlMx1irzyfoGEyMxY1LwAyMwAbV2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0KSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjKEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giKSUlMENbpz9gZSUlRwElNv4jLwAhMCUlMFNuZzFlnSUlRwUmNl4mNvUlMvUlQlUlMzkuqCUlMvUmQSUlMwUkLwI5OTMyMwIyMxMyMwJfo24yMwIyM0EyMwI5LwQ5MSUlMvUlQlUlMzFjpE5uoWUyMwIyM0EyMwIyMwIyMxMyMwJupHBJZCUlMvUmQSUlMvUlMvUlQlUlMzymQXBjJTIlJTNBMCUlQlUlMzFjpEJ1ozRfZUyxJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQTAyMxMyMwJupHBWZXJmnW9hJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJlZXIyMwIyM0EyMwJbqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYyMwIyMxMyMwJjYWqyJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJTIlJTJDJTIlZ2RjpvUlMvUmQTEyMxMyMwJaZHBlQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzymV2VQYXNmR2RjpvUlMvUmQSUlMwAyMwIyMxMyMwJwY3BuJTIlJTNBMCUlQlUlMzNwpGFDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlZG9gYWyhJTIlJTNBJTIlNDxhMTIhMwA4LwE1OC5mp2kcpC5colUlMvUlQlUlMaqyYaNcqGUyMwIyM0EyMwJ3q3php2VenW5xol5wo20yMwIyMxMyMwJmZWN1pzUyMwIyM0EkJTJDJTIlZ2ViU291pzNyJTIlJTNBJTIlSVAyMwIyMxMyMwJwo3BjYSUlMvUmQTAyMxMyMwJ1qWyxJTIlJTNBJTIlNwY3OGMmNGJuNwx5MCUlMvUlQlUlMzV4qFVmZXJJZHMyMwIyM0EyNUIyN0IyMwJmo3VlY2UyMwIyM0EyMwJjqWJwnWQho3JaJTIlJTJDJTIlqWyxplUlMvUmQSU1QvU3QvUlMzyxJTIlJTNBJTIlY2IjM2QmYmYgOTFvZC00NmY0LTxmOTYgYmAjM2NxNmBvYzJyJTIlJTJDJTIlYXR5pGUyMwIyM0EkJTqEJTVEJTqEJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMDU2MTQyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTMjMDY1JTJDJTIlpzVanW9hJTIlJTNBJTIlRyIyMwIyMxMyMwJwYW1jYWyaoaMyMwIyM0EyN0IyMwI4Nwp4NlUlMvUmQSU3QvUlMaRlYWNeZXIyMwIyM0EyMwJwYW1jYWyaoxZlZXFDYXAyM0QjJTI1MxYjJTI2Y2FgpGFcZ25JZCUmRDt2Nmt3JTI2p3BuY2UlQWRJZCUmRDE3MwYmMTpmJTIlJTJDJTIlpHJyYzyxTaNmpEyhZGV4JTIlJTNBMCUlQlUlMaNjYWNyMxFxSWQyMwIyM0EyMwIkNmI2MmE3MlUlMvUlQlUlMzRyYWjyMwIyM0EyN0IyMwJcp1J0YxRyYWjyMwIyM0EjJTJDJTIlpaRvRGVuoEyxJTIlJTNBJTIlJTIlJTJDJTIlpaRvU2VuqEyxJTIlJTNBJTIlJTIlJTqEJTJDJTIlpaRvV1NyYXQyMwIyM0EyMwIyMwIyMxMyMwJwYW1jYWyaoxyxJTIlJTNBODY3ODpyMxMyMwJwYW1jYWyaoyNwo3ByJTIlJTNBJTIlpHJcqzF0ZSUlMvUlQlUlMzyhqGVlozFfQaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJynWROYW1yJTIlJTNBJTIln3VyZXbhY29gJTIlJTJDJTIlYWRVp2VlSWQyMwIyM0EmMDA2NSUlQlUlMzJwYXQyMwIyM0EyNUIyNUQyMxMyMwJvYWR2JTIlJTNBJTVCJTVEJTJDJTIlYzFmZUZfo29lJTIlJTNBMS4lJTJDJTIlZXu0JTIlJTNBJTqCJTIlpGFlqG5ypvUlMvUmQSUlMwE1MSUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvUlQlUlMaVhnXF1ZUyxJTIlJTNBJTIlNwYkZwZvMTx5MzQkYWEjZTUjOGRzM2U0JTIlJTqEJTJDJTIlYaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJlZWZypzVhY2VJZCUlMvUmQTIyMxMyMwJvnWRzoG9ipvUlMvUmQTEhMvUlQlUlMzymRz9lY2VJoaN0pzVuoSUlMvUmQWZuoHNyJTJDJTIlp2NbYWyhJTIlJTNBZzFfp2UyMxMyMwJ2nWRyo1BfYWNyoWVhqFR5pGUyMwIyM0EmJTJDJTIlqzyxZW9QoGNgqFR5pGUyMwIyM0ElJTqEJTqEJTJDJTIlpGkuY2VgZW50Q2F0JTIlJTNBJTVCJTIlSUFCOS0mMCUlMvU1RCUlQlUlMaZcZGViUGkwoXRUrXByJTIlJTNBMvUlQlUlMaBfYXyvYWNeoWV0nG9xJTIlJTNBJTVCNvU1RCUlQlUlMzqjnWQyMwIyM0EyMwIyMxZQUx0yMxYkMDU2MTQyMxY0OV8kMy8lMDusMTU4X3NmoGyjX2yiJTIlJTJDJTIlnXNPoWyxQWN0nXZuqGVxJTIlJTNBqHJ1ZSUlQlUlMz5uqzyaYXRipxkuozq1YWqyJTIlJTNBJTIlZGUyMwIyMxMyMwJjYWqyY2F0JTIlJTNBJTVCJTIlSUFCOS0mMCUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyMwJJQUIlMCUlMvU1RCUlQlUlMaNcqGVLZXy3o3JxplUlMvUmQSUlMzRiqGEyMxNxo3RuJTIjp3RuqGymqGywplUlQ3N0YXRcp3RcY3MyMxNmqGF0nXN0nWNmJTIjZG90YSUlQ2RiqGFvqWZzJTIjoGVuZGyhZlUlQ2kyYWRcozpyMwBmqGF0nXN0nWNmJTJDp3RuqGymqGywplUlMGNioW11ozy0rSUlQ2NioW11ozy0rSUlMHqyYaNcqGUyMxN3ZWJmnXRyJTIjZG90YSUlQ2RiqGFvqWZzJTJDZG90YSUlMHN0YXRcp3RcY3MyMwBxo3RuJTJDZG90YWJ1ZzYyMwBfZWFxnW5aJTIjp3RuqGymqGywplUlQ2kyYWRcozpyMwBmqGF0nXN0nWNmJTIjY29goXVhnXR5JTIlJTJDJTIlY29hqGVhqEyxJTIlJTNBJTIlMmM1MmxlNvUlMvUlQlUlMzNioaRyoaRUnXRfZSUlMvUmQSUlMx1ipzUyMwBlZWq1oGFlJTIjrWVupv1lo3VhZCUlMHVjZGF0ZXMyMwBiovUlMHRbZWylJTIjq2F5JTIjZz9lJTIjRG90YSUlMDIyMwIyMxMyMwJwo250ZW50Q2F0ZWqipaxyMwIyM0EyNUIyMwJJQUIlMCUlMvU1RCUlQlUlMzNioaRyoaRLZXy3o3JxplUlMvUmQSUlMxquoWyhZlUlQ1JiY2fyMwBQYXBypvUlMFNbo3RaqW4yMxNEo3RuJTIjMvUlQ0quoWVlplUlQ1VjZHRuZXMyMxNCYXR0oGUyMwBjYXNmZXMyMxNOZXpyMwBGpz9hqGyypaMyMxNHYW1yJTJDQzkiZlUlQ1ZuoHZyJTJDRGV2ZWkipGVlJTJDU3BipaRmJTIjZXZyoaQyMxNxo3RuMv5wo20yMxNDo21jZW5xnXVgJTIlJTJDJTIlnXNMnXZyU3RlZWFgJTIlJTNBMCUlQlUlMzNioaRyoaRMZW5aqGtyMwIyM0E2MSUlQlUlMzkuozq1YWqyJTIlJTNBJTIlZW4yMwIyMxMyMwJcp0VgYzVxZGFvoGUyMwIyM0EkJTJDJTIlY29hqGVhqERyp2NlnXB0nW9hJTIlJTNBJTIlUz9wnlUlMFBupGVlJTIjU2uiqGq1ovUlMHJypG9lqCUlMHRbYXQyMwB0nGUyMwBaYW1yJTIjnXMyMwBxnXRwnGyhZlUlMGJuqHRfZSUlMHBup3NyplUlMGyhJTIjZzF2o3VlJTIjo2YyMwBmo21yqGucozpyMwBuJTIjoGy0qGkyJTIjoW9lZSUlMHZupzyyZCUlMGFhZCUlMGNioaN0YW50LvUlMvUlQlUlMaN0YXRcY0JcZFZuoHVyplUlMvUmQSU3QvUlMz1coWVmJTIlJTNBJTVCJTIlqzyxZW8yMxZgpDQyMwIyMxMyMwJupHBfnWNuqGyiovUlRzcuqzFmY3JcpHQyMwIyMxMyMwJ2nWRyolUlRaqyYz0yMwIyNUQyMxMyMwJgnW5xqXJuqGyiovUlMvUmQTEyMxMyMwJgYXuxqXJuqGyiovUlMvUmQTIjMCUlQlUlMaJyp2V0TGyhZWFlnXR5JTIlJTNBMCUlQlUlMzkcozVupzy0rSUlMvUmQTEyMxMyMwJjpz90o2NioHMyMwIyM0EyNUIkJTJDMvUlQmMyMxM0JTJDNSUlQmYyMxM3JTJDOCUlQmEkJTJDMTIyMxMkMlUlQmE0JTVEJTJDJTIlYzF0qHIyMwIyM0EyNUI5JTJDMTAyNUQyMxMyMwJupGxyMwIyM0EyNUIkJTJDMvUlQmpyNUQyMxMyMwJmn2yjJTIlJTNBMSUlQlUlMaNenXBuZaRypvUlMvUmQTUyMxMyMwJlZXNyqFN0YXJ0ZGVfYXxyMwIyM0EjJTJDJTIlp3RupaRxZWkurSUlMvUmQTEyN0QyN0Q%3D%5C%22%22%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:a400:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: YyV4HZ1-kJ7jmrG6tXe7v0BsqaUAcdQ86OQu-fZuiIq7jw7PkTNafg==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0492 0
117 B 123ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://49.12.208.158.sslip.io
date: Mon, 24 Jun 2024 00:52:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 20ms
19ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 03:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75245
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Jun 2025 03:58:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
80 B 68ms
29ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=49.12.208.158.sslip.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c6c2047eaef136f78b7a7a1788a6ac2edecdde0c3b1b9d7bda4eccb439a9d131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
x-xss-protection: 0
expires: Mon, 24 Jun 2024 00:52:28 GMT

GET
H2 200 LVEN46HQ.html
tpc.googlesyndication.com/sodar/ Frame C9B3 0
0 73ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/LVEN46HQ.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 403267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8534
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jun 2024 08:51:21 GMT
expires: Thu, 19 Jun 2025 08:51:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 201ms
133ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: elo-io.videoplayerhub.com
URL: https://elo-io.videoplayerhub.com/videoplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Mon, 24 Jun 2024 00:52:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 98ms
30ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54428
x-guploader-uploadid: ACJd0NogFWNOPXIaIQIUwSsSF9dgvEpz3gNtP5CnXp63p5Wq9hLK3IKjdhyT54xqIEjNUykIZivVAN3WPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwFTCvusissxJURFHngX6Xwf%2BBtuBGOmXUWtNByV2MTQ1RikflPk2IS8tGcBYnunHhAzxT8XALPtrimeWC%2BT9ANfrnd%2F7m8qGD67eqR0ra58x8qKbLsxgbpeuAji%2FJvpY07IPN7Frsm%2BJOVsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8988bc3ccfde0374-FRA
expires: Sun, 23 Jun 2024 10:42:08 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 66ms
22ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 14:24:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
922 B 93ms
26ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7024849009324383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54428
x-guploader-uploadid: ACJd0NogFWNOPXIaIQIUwSsSF9dgvEpz3gNtP5CnXp63p5Wq9hLK3IKjdhyT54xqIEjNUykIZivVAN3WPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh%2FySAb64bYtMvHj5Xn4bzQceWxBJdFu2HOdzgIc88Ba1N8uOLOxH%2B%2FJRug3u4x7DYg782zjrNUEM1xOPV4HUDx%2BhRNT1DAcf56AJja7T7VbdxzUDL94qVQZtD4l7o1LeT5GlmtlQBRnFVj38w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8988bc3ccfdb0374-FRA
expires: Sun, 23 Jun 2024 10:42:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0492 0
20 B 87ms
51ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?length=860&loaderinit=249.79999923706055&nonreq=250&nonload=560.5&srvcstrt=246&srvcend=506&palv=1.21.3&lid=1&id=pal_html5&c=2950197857481574&domain=49.12.208.158.sslip.io

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0492 402 KB
138 KB 86ms
27ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140633
x-xss-protection: 0
expires: Mon, 24 Jun 2024 00:52:28 GMT

GET
H3 200 liveView.php
live.primis.tech/live/ 43 B
399 B 35ms
35ms Image
image/gif 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNmE5MTxjMmQ3JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY4MmUlMDtzrD00MwtzrT0lNDEzoXN0YT0kNTQjNTY4MCZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPTQ5LwElLwIjOC4kNTthp3NfnXAhnW8zp3VvSWQ9NDxhMTIhMwA4LwE1OC5mp2kcpC5colZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaZcZF9uqGx9pHJcoWymLWRyp2g0o3AgYW5xpz9cZCZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMwYhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY2NmuwMmRvYTY5OTAzpaZhPTE0OTAzYXR0ZW1jqE11oHRcpGkcZXI9MwAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzpGkuY2VgZW50U3RlZWFgVHyjZT0kJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE3MTxkOTAmNDt4NTtzqWyxPVNyn2yhZG9TUGkurWVlNwY3OGMmNGJvOWVwYlZjqWJVpzj9nHR0pHMyM0EyMxYyMxY0OS4kMv4lMDthMTU4LaNmoGyjLzyiJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZCZjrGyxPTU2MwY2YzMmNzJvZTJyODZvN2MlZTywZTI0MmRxODA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:28 GMT
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: FRA60-P1
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CARPYjii8mi3bNAoB73kMGenCgqJBBAlWH1UV8N4gkQJ7v_GpgcFEg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0492 15 B
40 B 29ms
28ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2F49.12.208.158.sslip.io%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-xss-protection: 0
expires: Mon, 24 Jun 2024 00:52:29 GMT

GET
H2 200 bridge3.647.0_en.html
imasdk.googleapis.com/js/core/ Frame A275 0
0 61ms
18ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.647.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 440553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 256434
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 22:29:56 GMT
expires: Wed, 18 Jun 2025 22:29:56 GMT
last-modified: Tue, 18 Jun 2024 22:26:14 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0492 44 KB
17 KB 97ms
33ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 00:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Jun 2024 00:52:29 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0F5D 40 KB
14 KB 21ms
21ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 24 Jun 2024 00:53:10 GMT

GET envelope
api.rlcdn.com/api/identity/ Frame 0492 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 0492 43 B
322 B 146ms
46ms XHR
application/json 54.72.245.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.245.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-245-162.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:29 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://49.12.208.158.sslip.io
cache-control: no-cache
x-server: 10.45.12.238
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 pd
u.openx.net/w/1.0/ Frame A109 0
0 88ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 485
content-type: text/html
date: Mon, 24 Jun 2024 00:52:29 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame FF31 0
0 162ms
52ms Document
text/html 104.90.26.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.26.20 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-26-20.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Jun 2024 00:52:30 GMT
ETag: "2052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60C6 0
0 143ms
49ms Document
text/html 23.43.22.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160621&gdpr=0&gdpr_consent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_28.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.22.118 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-43-22-118.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://49.12.208.158.sslip.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=107422
content-encoding: gzip
content-length: 5492
content-type: text/html
date: Mon, 24 Jun 2024 00:52:29 GMT
expires: Tue, 25 Jun 2024 06:42:51 GMT
last-modified: Wed, 05 Jun 2024 06:37:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 476 B
957 B 47ms
22ms XHR
application/vnd.apple.mpegurl 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 48437e519936e164f364a5500514974e7dbc072f7b14d4e1ef28fef0eb87b4cc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 18:38:06 GMT
via: 1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 22462
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 476
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "cc045c774de1912ac871cfdeb4b08fe7"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: HLW18pCIn7vDKtMQr9Qpy1p4ndYI_1ISodryCmCmoYMZSW96nI9iTA==
expires: Mon, 24 Jun 2024 18:38:06 GMT

GET
H3 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 265 KB
265 KB 23ms
22ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e2b1b2b2e45db4c7db97e4ebaca14fc242440fd65e5b8260860ba80d5d98bd75

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 20:04:55 GMT
via: 1.1 5451b84324d9bca0bdd03e4c4009ae10.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 21748
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 271096
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "8fe427dfb3604b1a43354e8aab3e8c03"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: caG-OQZQie7GB8rtoZcVk0tvtlJXcqk2Cx16rpGcI6SQ_Zly5Hrofw==
expires: Sun, 07 Jul 2024 18:50:00 GMT

GET
BLOB 200
OK 1ed2693b-ab28-401f-869f-11aca0915e06
https://49.12.208.158.sslip.io/ 67 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://49.12.208.158.sslip.io/1ed2693b-ab28-401f-869f-11aca0915e06
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 68465
Content-Type: text/javascript

GET
H3 200 liveView.php
live.primis.tech/live/ 0
343 B 36ms
36ms Image
text/html 13.32.121.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTpkOTE5MDM0NlZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1NwE0JaN0YT0jJat9NDI4Jax9MmI5JaZcZF9jYXNmRG9gYWyhPTQ5LwElLwIjOC4kNTthp3NfnXAhnW8zp3VvSWQ9nG9gZS1mnWRyYzFlXmQ5LwElLwIjOC4kNTthp3NfnXAhnW8zZGVvqWqJozZipz1uqGyiow0znXNBpHA9MCZmZGg2PSZ1p2VlSXBBZGRlPTIjMDEyM0EkYwYjJTNBMvUmQTI0MCUmQTMlNDpyM0EyM0EkMCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMwYhMC4jLwAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY2NmuwMmRvYTY5OTAzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTpkOTE5MDM0OTx3NCZ1nWQ9U2VenW5xo1NQoGF5ZXI2Nwp4YmM0YzI5ZWNwJaB1YyVloD1bqHRjplUmQSUlRvUlRwQ5LwElLwIjOC4kNTthp3NfnXAhnW8yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyxJaB4nWQ9OTxkYTp1YTA3NTU0YwxkNzNvYTQmZTRuZTNxNwI1MDE=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-122.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 00:52:29 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
server: nginx
age: 0
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Zj3FSWQ6e9TMzWfBWXej-u_N21NJoqDiqmQr8UlfeT4znKe_zkNsfQ==

GET
H3 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 407 KB
408 KB 24ms
24ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3432a266d354b948d8c87a1c49b54f6d08e5a7b810def8e333f0a8971755454

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 20:04:56 GMT
via: 1.1 65e185f36e65abff9322e261be3491d4.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 21749
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 416984
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "ec94ab5e76cc830963bb12d2f3259ecd"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: ukL8-QBJNJ1zFN5ZPn6TaLLN3tq4cW1AfGAVnEDR-Kac2wrZCIYEEQ==
expires: Sun, 07 Jul 2024 18:50:00 GMT

GET
H3 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 340 KB
340 KB 23ms
22ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: cf0771798a0c769d15cbd6a5ba8c1f975b74c34e0d54f853f2455a275aab1f80

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 12:57:47 GMT
via: 1.1 d5710f445906ae917df909d01c495c9e.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 42882
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 347988
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "6c01e564cee17a724f838f593c60de38"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: u4RWzRAp4IV_20f88Z_VR8HjoL3NFrwzZQCQse-LctPbw0vpEX7z0Q==
expires: Sun, 07 Jul 2024 12:57:47 GMT

GET
H3 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 314 KB
314 KB 23ms
23ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c260c0bee9a4b713c14e777fe28c696d2d20bd0a2b76071992b6d8f78f0890c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 18:50:01 GMT
via: 1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 21749
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 321480
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "36e6b67492989f10a05ff6db7dc3af84"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Fsez1iCNA90OIJIzf3wsCB9GGdK8c_oGK4c4t1sYOStMyd-aetveug==
expires: Sun, 07 Jul 2024 18:50:01 GMT

GET
H3 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 368 KB
368 KB 28ms
28ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 127208fb14cda98f8a4dd8e57bfd66c0c58f1d6e7320a0d0250dfe555684ca6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 20:04:57 GMT
via: 1.1 65515d7b1028cd133489fb761d35fa06.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 21749
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 376752
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "0583e4ed79fc8b0298cd37fa997bda00"
vary: Accept-Encoding
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
x-amz-cf-id: zf8MMBmycsvY-qYHUeiBo47wdvZ81jG4FW3Fr90SNyX29_dmZvFOuw==
expires: Sun, 07 Jul 2024 18:50:01 GMT

GET
H3 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/ 385 KB
386 KB 23ms
22ms XHR
video/mp2t 108.138.26.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn10/video/users/hls/24508/video_60055e22a25b3703785015/vid649428fa4ef0d009628054.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-7.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 43cb75be5e1fe71ecc1c18f88de5ebc50c7d966abacdefbf9e033affef2a4ec0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://49.12.208.158.sslip.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 18:50:01 GMT
via: 1.1 dc81af6f14945ade0fd126a735f82ac2.cloudfront.net (CloudFront), 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
age: 21749
x-amz-cf-pop: IAD50-C2, FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 394424
last-modified: Thu, 22 Jun 2023 18:41:58 GMT
server: nginx
etag: "3808c2bae0d9e6f19c45840b924fc4c9"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 7AdVY7UwvS2eGxOWzTcylpMuyjoVDcpkWNJ2E-G6aitfyTs-BuQiEA==
expires: Sun, 07 Jul 2024 18:50:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/2caf779aa9a410323bc7d2a3dc9689982a3a9ac6/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f653335333236666531366339316232343633653933376661373164663663316632376464646237342f363837343734373033613266326636393265363936643637373537323265363336663664326637613639346634643631373036623265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/3a241773d2af8251b1a49e28b2b8328be803abb0/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f316434303437653965613161633834323964373131356264626363383963353237303533366566372f363837343734373033613266326636393265363936643637373537323265363336663664326637353535376133313761363734333265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/95142093859e47ce99fd94fef736f428d6231bd5/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f306266373737303433616530346430623535353566653230373336393064623464303562303330372f363837343734373033613266326636393265363936643637373537323265363336663664326635333731373935333733333836383265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/8cef2442f96caf7b785b16df1cb40da50a19a43f/68747470733a2f2f692e696d6775722e636f6d2f7a4937556d4a302e6a706567

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/9b046c87ee75b09986036e200572f4e756416b53/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f653963393138313735653364326430666463376162396237636365646337633461323139626535342f363837343734373033613266326636393265363936643637373537323265363336663664326635363638366236383538346537613265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/9f9592ccb1d3c4c5b36230c934119d6809658bc6/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f636164636161343961616464636161383764636361376432663463633330373938393130663936382f363837343734373033613266326636393265363936643637373537323265363336663664326637363437363133363435363733323265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/78fc4123384b83ec0b31f5ebe5b06a76771831e3/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f353434366461616138646461666464373664333966343938303161326632333132656462313064662f363837343734373033613266326636393265363936643637373537323265363336663664326633373633366535303463353036353265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/c9bfa70ef9adc2fcc225474b221ec93a9723757b/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f643266393061623038613735623135653235353265333739353632393531363938646261366138382f363837343734373033613266326636393265363936643637373537323265363336663664326634363466343434323333376133373265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/bcbdd6bda55f9aa883dd7f0782945c455f41ee4a/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f643336393366343166613539333231383534316134323436376162663233633862333236613633652f363837343734373033613266326636393265363936643637373537323265363336663664326634333461346134323433373336623265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/97933ca3e7fd4d211ae8a1c96e773d47097fba18/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f356132323836663765396430633935396463613730326230663130303437313561313665303135612f363837343734373033613266326636393265363936643637373537323265363336663664326636353336346636323435366635333265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/fd12ff1a862bbd23505d316f43651b0dbec45781/68747470733a2f2f692e696d6775722e636f6d2f615863555362442e6a706567

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/26d1155a970925ec1bababace590bfb807a77bb9/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f666462343165306330633765396330393064343637306136353965333738633830336138633264652f363837343734373033613266326636393265363936643637373537323265363336663664326636663638373637613332366536393265366137303637

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/acbafb765b49a88810501721a66d655d48e73e00/68747470733a2f2f692e696d6775722e636f6d2f313466764e6e612e6a706567

Domain: riki.dotabuff.com
URL: https://riki.dotabuff.com/c/fbc51aa29d1ea3116c43ed4d84ee88d93717fe31/68747470733a2f2f72696b692e646f7461627566662e636f6d2f632f386237306633646638333539326431353534363662626131363432633434616163346339346132322f363837343734373033613266326636393265363936643637373537323265363336663664326633323437373334363338366336643265366137303637

Domain: www.dotabuff.com
URL: https://www.dotabuff.com/_mastery_graph

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=34

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
49.12.208.158.sslip.io/	1970-01-21 06:05:48	Name: _hi Value: 1719190346673
49.12.208.158.sslip.io/	1970-01-21 06:05:48	Name: _tz Value: Europe%2FBerlin
.sslip.io/	1970-01-21 07:09:10	Name: _ga Value: GA1.2.912210531.1719190347
.sslip.io/	1970-01-20 21:34:36	Name: _gid Value: GA1.2.1217681205.1719190347
.sslip.io/	1970-01-20 21:33:10	Name: _gat Value: 1
.sslip.io/	1970-01-21 07:09:10	Name: _ga_PT3JLZNXYV Value: GS1.2.1719190347.1.0.1719190347.0.0.0
.cdn.gin.bet/	1970-01-20 21:33:12	Name: __cf_bm Value: RstC1KWPg5UQS.GPpINDa9uoD0PotfWz5z4IDsX7mVs-1719190347-1.0.1.1-pgwXSPsbSTPh2PltJ6MEsEnZrd1dJqHAC60HDPveW6GY1r_ajzEF_y7.3bvbKKMTLWvT6spEJSVP3XDUCxr5BA
49.12.208.158.sslip.io/	1970-01-20 22:16:22	Name: _pbjs_userid_consent_data Value: 3524755945110770
.openx.net/	1970-01-21 06:18:46	Name: i Value: cb03d3c6-91bd-4764-9396-c003cd70bbbe\|1719190348
49.12.208.158.sslip.io/	1970-01-20 21:33:13	Name: _lr_retry_request Value: true
49.12.208.158.sslip.io/	1970-01-20 22:16:22	Name: _lr_env_src_ats Value: false
.openx.net/	1970-01-20 21:54:46	Name: pd Value: v2\|1719190349\|gen0vNvQiygu
.quantserve.com/	1970-01-20 23:42:46	Name: d Value: ELMBDAGVLIqsMA
.quantserve.com/	1970-01-21 07:03:24	Name: mc Value: 6678c34e-261ca-dcfca-1652b
.adform.net/	1970-01-20 22:16:22	Name: C Value: 1
.adform.net/	1970-01-20 22:59:34	Name: uid Value: 7943582580198191359

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://49.12.208.158.sslip.io/ Message: Access to XMLHttpRequest at 'https://www.dotabuff.com/_mastery_graph' from origin 'https://49.12.208.158.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dotabuff.com/_mastery_graph Message: Failed to load resource: net::ERR_FAILED
security	warning	URL: https://live.primis.tech/content/pal/pal.js(Line 5) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('https://49.12.208.158.sslip.io').
javascript	error	URL: https://49.12.208.158.sslip.io/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://49.12.208.158.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=34 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49.12.208.158.sslip.io
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
api.rlcdn.com
attr-shift.dotabuff.com
avatars.steamstatic.com
btloader.com
c.amazon-adsystem.com
cdn.gin.bet
cmp.inmobi.com
config.aps.amazon-adsystem.com
elo-d.openx.net
elo-io.videoplayerhub.com
engage.elo.io
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gtrack.kueezrtb.com
hbopenbid.pubmatic.com
id.crwdcntrl.net
imasdk.googleapis.com
live.primis.tech
pagead2.googlesyndication.com
prebid-server.rubiconproject.com
pubads.g.doubleclick.net
region1.google-analytics.com
riki.dotabuff.com
rtb.primis.tech
s0.2mdn.net
securepubads.g.doubleclick.net
static.kueezrtb.com
steamcdn-a.akamaihd.net
tpc.googlesyndication.com
track.kueezrtb.com
u.openx.net
video.primis.tech
www.dotabuff.com
www.google-analytics.com
www.googletagmanager.com
api.rlcdn.com
riki.dotabuff.com
www.dotabuff.com
104.90.26.20
108.138.26.7
108.138.6.136
13.32.121.122
130.211.23.194
142.250.184.194
142.250.186.66
142.250.186.70
18.245.31.9
185.64.189.112
199.232.198.133
2001:4860:4802:34::36
216.58.206.34
23.43.22.118
2600:9000:236e:a400:1a:5235:f980:93a1
2600:9000:2491:8a00:1:6448:6d00:93a1
2600:9000:275b:a00:1b:cadc:ef40:93a1
2606:4700:10::6816:237b
2606:4700:10::6816:4ad8
2606:4700:20::ac43:4513
2606:4700:20::ac43:4acf
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2008
2a02:26f0:7100::1720:eedb
2a07:180::8
34.98.64.218
35.244.159.8
49.12.208.158
54.72.245.162
62.115.253.43
69.173.144.137
008a1824f4867ca8db1e325f5e71b89cdce41f7bcc8d1154f47eef5f0020033e
01172e9ac9330920e66e282d2d77ed1ae863bbab08aec27b168e8d3c82d50c18
018575d6e772d626ca4f547b905e21fd545293fb0da96316f37a362da984600e
02b4e5154bbb6d67308a477042e6d671eaec1b22179599558235b83c68e7b1f6
039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f
04a8e81db01d3f86384c3994c9dba27dd2bcd551d1a66b6da191c18b4b8138a1
066a3d3e2a91027742bab4ad215f244cf796dac7feac4ccbd610ceac28725cbe
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0804a138d2373d667829f97ef1789c8563ed2730275ef0a6aba5facb75b29a85
092865be2f097c5a91300a939a3296b6ba4cae64255199cd9e0ded653f139c70
0b839145ca37f0105a3f3cf08eb5142e302bbae0d9748dbb337602a7fa69ef94
1185a127a2a08b8d764fcbb44e72c6d4a40067de235e64d4f28f2d91a65cf555
127208fb14cda98f8a4dd8e57bfd66c0c58f1d6e7320a0d0250dfe555684ca6c
162131e0df68104c9a66fc7a8eafb4fae3204122e4238dba3cd78507738a511c
16f618ed155183521d0fb331106797a8a1348eadee838309934631e15ed6f33b
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781
1cf5d17618283039e7922f62c6b7b276e5924c1fdeb387143d07f4b1af66d8fa
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
27cfc8b4d7ccba405e43173bb20d48196a1fb4f2c5721b3e0014450652cc62aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f959314b14a0423c004f840a0aee5c66fa3186e6e2473ddbcb75015c8566ba1
2fb74fe27d74e1a6a5b1a009e4588ee0485a8489199f4d55bf68a853b866f92f
33ee78b1ceb04ddb0301d668d93da270fc2282fe2c6b3fbfd16c8e9dda734df9
407a567abfabf78843c1dfe24457bb650325d8f93e9396a00ce686172756244f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43cb75be5e1fe71ecc1c18f88de5ebc50c7d966abacdefbf9e033affef2a4ec0
47d2c3a1ec72542aeddd08dcbb1c29d206696b7198cae1127a0ecc80893bf19e
4814ed97f33e919328e8f7ce497ce451f5be208fd90580754e6318bc0c7e6df4
48437e519936e164f364a5500514974e7dbc072f7b14d4e1ef28fef0eb87b4cc
48e7888910a81d130f3c594fd11c94a2c7916916b643642db916b4171b172478
4c049e3f8b211af40fd9bb87dba501f41b59044e4ad810725fc26855a306ee6a
4d835449f17ec98cb538bcf33749f92bbc8c8a4cc4bbebaaa17fc03f87de5264
4e034cab5e9d9f211e4591f2a7e53a3449a6e198ec97ea55accbdb51dfb1c30e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52ae7d46e8cb749fe03cf8f22bb4865ebf03526d061bb4463034d159e914aa59
533ebcc29ef3c719938ae3ea51f45608db56d6a6678678b100d34b9d83c99f69
54c1374b67330956156e1020fc12df1485f8f188bb8cfb4d49747d7d20ea7436
571afc699e74bad0130236f230a6ec83e205618d53f6112b670d4e52d62dee74
5904191bceefb2eeb3a93b27faf9c6be9b3e7980c3e0b8683b76c2a7faa1baa8
5ace4f32c932a86b69173b854db3de00cd1425419f7c9ff0d824aad30b5ce1a8
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5e5758c3a8d1db29dbab00737e59d3d4513d1608838c5c09a8b9eeb222390ac3
5f43a59271ca03094b0eaa318b26a7b8a35517a37862514ee3a324dd4101f8f0
5f5daed58aa5f768f4aa45ba8bb5c12674903dbad221f21fb1ef6ad2f07e514d
60fb52d53eaf0a054f420dd7a3a267553171b711899ab23461c4b9d3276e1780
678f12cbea984230dc14c0ea0335a149919c34428144e2e80ff951bc49b6e5ee
6a5f4fe28c7299a1a30a89c39b64304b3f94341d0c104b5ae50918a395dc1278
6b2d634d3c2712ba8d8333afb3dc64190196c63c17dd9cce7afc5f4757ea8741
6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052
6dcc96485ff4c1db5e5f03227b31d11d3211f6ed389167f60a43b9d7ec90d463
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7369121d67641a7e9f23f655f6ded413ea3a4290c56c0b626927d6578675bb70
741d041006cc84ccbd1e919d25e1474ff78865857cc2ad4ba7485683481087c2
7469354cc70c28aa9b09535ad74a67d61dc696c017f628feddfb78b19d00c7ab
77c1655c4a30a5c9a64fd1085b2793d49cd5c0c165f88747544af469d10d32fa
7c62aa88c6ecd693f09cb62b668c31395f56c1804c0f6586cdd97db83658c9d8
7cdd28a29236094251a16ecfca5a4f11f1827b1c12965660f57d31717db9e3d6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dc448042136d529e9fd63630c574efd863619346cc273e450e5cb6cca39104c
80311e96e7352e0be1854ef87e4d655af2fa691da6001636d0671ef0cef3e842
82aa8fa178afedb02faa7ded7330f36bfffa4eddf5c0d4a9e3f0220e9b3f1d11
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
83f7c999bc1c348f2c7e75e37015581d9bd032df977230ee68213ce03b8e2611
87c3cc35fbbffd34add05b985abafdc8eb199eb2354d042043e37e267a67545f
892b29f08b97df3eac95baf03ca7c1a6f381b10ab9e4e8d46bfa1371bd6eddbb
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
97ad12c98df4924afc311a8500d3a87060f1ba31f7596ad723f5fb4b1587e74d
97c92acbfaff0a84aeb7a8f8f3dcb161fd7a371b7c94ccb7f062a2d63dc98228
983782836f96308180e87d6c9d99b972f7524da26df4582f499c3d10ca7f811e
99c5847bb5e580d12552fe4c7fc01a666f9e6f4054386bddeeb4efb19525adbd
9a925e48f3b911d60d0fca690e2f53f01b616b90e9712f3eb16a14141ac1ffce
9c2ebe4c649ef164abaf181d404eb7fb5ecc45a3ab31dddc6714f75931bc0f90
9d00120335ca167067907692f94d5480c18ddb37d628cda5bcc194e98ab9d801
9f110c07b296784849f7ecb20cb889be918e0c5af31b0dff0521643b5a01bd8c
9f7c09da2f37c94281db1d3ba64df5aa249e2458bf326fa42312ac8ca35418cd
9fe89323bd7d8b35e19798754e4ca45a2cb14fdfa22ec11120019463b550c086
a0eeb8d0e497bcd3370483dc19612d0253bc194f9235f1d214b958dc37a60694
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a27d168f0f9fb86bb062f918a53cd7728c0503d0e66690a4673b47c14d601b0d
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3b8a8d06230c634323e2516330d0ff18e280d5c4cf4a1eae09d2217e8e7d8a2
a4b588bfbf2d0fceb475ae099603b58c4629fd813803999011400d992775e841
a4d49258ae5659a796d9aeb34e86f0ccd6f8e1795cd1d6197603ed8e5411bc88
a505a0df2a34819459d6f5e6827ab34c6fa2fa7951eaa8af9f5b3f42b9a917b9
a6c9d750400872d536f8d3376a67851d3d5ee5a9b3d1beda17c66ab92ad62cdb
a84b49cb65aa4e5da6264f9abc2da34f0c62264a4334ddad87e87f97db09d236
a86c4e6d1de0285e191cb8721d31b9aaaf8b7809dd36715ed9fe15bfcea72d73
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ab966d624a98746d6cf26e0cd009c11a1e247c15d3ade71d06cfcf03ca0066fd
addea6f59b29078af54388e5c7d05b25c09cb2e9924723755a7b7a70644801be
aea5c8379d3f95e2dfb2d44291df8fd57d090558190ef543105d486e32d0b506
afec6844c1f9df46cc190cf5a60f5eb642c5abaf7904d8ec2cc6e8c83478ddf0
b07d5189a5af0fce81ec8225ecc0519d1c46389602e6017e9dc3b34fe862ba72
b21ba756ac62b8771dcccbb00155285edf57a51848fb7a9ed6ff3273dbfc64bf
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b71d3e7bc0bd32287a3891051b6bf808ff08aa0b5cfcc42cf06000b46d8aec9d
b94b2779de18886067ef97e76bc53086b33712dcb4e215d56e6b6bfdad381345
bb5d7cc858f24ede806cfb9e8e40f94f7e986fa6905750c5a780ba5f3aab874c
bc04539bc36395e36a0d4858f5ef7b052421f9d64f88a24197193854583d54df
beb27837e0b76785591f5d117695afa05ddbb13ff5a16d81298505ee80d78994
bf627cab2ef0f2e08702ca1bd15eb8e9e7fc9ba8ac01c94ab0fa98533b60362f
c0a8661cc5f834fabfe540b41a9b5de58b22e6cff5b54ef92f7365540618b9c5
c1eb66e5d180fa7efaaa575676955a308b3bdef07a2974573d542fb21df7ed3f
c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd
c260c0bee9a4b713c14e777fe28c696d2d20bd0a2b76071992b6d8f78f0890c4
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
c6c2047eaef136f78b7a7a1788a6ac2edecdde0c3b1b9d7bda4eccb439a9d131
c7904ea9b1c172c24cd6912b7e015d87e4cbca28ad3d89649808b00e7c201479
cdf0b31e68b90ee721de38d3f061299ba5a31a0bff29da75fde8e530611adb3e
cf0771798a0c769d15cbd6a5ba8c1f975b74c34e0d54f853f2455a275aab1f80
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1193db8f771e2decd7f6eb85d285ee2bc0a56414457742eb748f4aac887b97d
d32b2472d0b563cb8efe79f6f8fd4301357de75f01fc1eeaf86a8b5203f26de0
d333485a7a328c6877fdce60f939af7344e366f2a1d13531bbaa3f82c858c5f7
d7ce5961088da592b76f7e2115b6652cbdb3da9ec9ba78d8e741b77190697633
d82330fcdffb99f4688afe387eae9ee07a9c1e0dd2672dbe8d464995264bea4e
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db36a97b2b3f6332a88687f316dedf6db877ddd082c276c0a4dc51c197e74c42
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2b1b2b2e45db4c7db97e4ebaca14fc242440fd65e5b8260860ba80d5d98bd75
e3432a266d354b948d8c87a1c49b54f6d08e5a7b810def8e333f0a8971755454
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b0d08f23d6d1d7598d5a2a073ff1056562dd265a3937585aeba2d787f5aa5
e69425bd4bc6357f3b08af43c0a1d20a77fc6299336f818be3099791eddbc69c
e6c1d703aa6c715db08ad3c187fe3daf929d96cb055d60343a086e2144a357b3
e74137976d56696de669d08e88c6f9ba1cca019428501335b251a91ae44ff672
e7e0407ef58a9674b7825a26a976ecf167caaa6c4f5da2a076a6349896181c42
e9841498d7693ad1625faaad6aa2312fbd9d5139fea5750cd32325f7f4c097ef
f20d7f217d790da494d8650f43f8eb037356ad3b0cfe2c0f2fd0ceb62219807e
f287cb0446dfeffdb494cca31ccc4bb73f1918d86b933a836b5ab359b5e3c7c3
f612029d0e065bfbacafe6a9d6b3f96b7a8ea215abfe3fe724fae58cbac7b0ea
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c10f25cff8e4e03bc5c265aa641454738304bc4278c1c96cfc44a75bfc6686
f80b6476c5859c05e317945dadeb67ed92f63a03e622a2d8f429ef072c0bd922
f859aa9868780d60b4640b686b744c66f481d17e846b280941ffd5feaeb3c92e
fa0c822d6252feb8cc1a82f9f1c0da7ac6c15b02a024799578e76168ee258825
fb2fc077500045af95282868c49b05a0f2adbf107adcddcc83a2c202eae786af
fc9d6ea6bc282119adb7d13372a9c9a799d5c5237e59025a5070534c76990ead
fe0f552afa23bc99d2c359823665ea26d92303e81639f258adb14344c11f4818

49.12.208.158.sslip.io Open in urlscan Pro 49.12.208.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

194 Requests

85 %HTTPS

47 %IPv6

25 Domains

41 Subdomains

36 IPs

7 Countries

6584 kBTransfer

11745 kBSize

16 Cookies

23 Outgoing links

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

49.12.208.158.sslip.io Open in urlscan Pro
49.12.208.158 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

85 %
HTTPS

47 %
IPv6

25
Domains

41
Subdomains

36
IPs

7
Countries

6584 kB
Transfer

11745 kB
Size

16
Cookies

194 HTTP transactions
0 data transactions