URL: https://netutv.downsfrip.xyz/?p=1390
Submission: On May 26 via manual from IN — Scanned from DE

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3033::6815:3263, located in United States and belongs to CLOUDFLARENET, US. The main domain is netutv.downsfrip.xyz.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2023. Valid for: 3 months.
This is the only time netutv.downsfrip.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2001:4860:486... 15169 (GOOGLE)
1 3 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 104.196.247.193 396982 (GOOGLE-CL...)
36 13
Apex Domain
Subdomains
Transfer
15 ncdn22.xyz
ncdn22.xyz
111 KB
5 downsfrip.xyz
netutv.downsfrip.xyz
39 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3734
2 KB
3 testingmetriksbre.ru
testingmetriksbre.ru — Cisco Umbrella Rank: 119013
3 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 822
41 KB
2 videocdnmetrika.com
videocdnmetrika.com — Cisco Umbrella Rank: 91295
2 KB
1 greenlanemarketing.com
www.greenlanemarketing.com
490 KB
1 wsrv.nl
wsrv.nl — Cisco Umbrella Rank: 90458
546 B
1 dns.google
dns.google — Cisco Umbrella Rank: 1335
488 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
88 KB
1 alleviatepracticableaddicted.com
alleviatepracticableaddicted.com — Cisco Umbrella Rank: 192479
1 commentsmodule.com
commentsmodule.com — Cisco Umbrella Rank: 97226
36 12
Domain Requested by
15 ncdn22.xyz netutv.downsfrip.xyz
ncdn22.xyz
unpkg.com
5 netutv.downsfrip.xyz netutv.downsfrip.xyz
3 mc.yandex.ru 1 redirects videocdnmetrika.com
3 testingmetriksbre.ru ncdn22.xyz
testingmetriksbre.ru
3 unpkg.com ncdn22.xyz
2 videocdnmetrika.com testingmetriksbre.ru
videocdnmetrika.com
1 www.greenlanemarketing.com ncdn22.xyz
1 wsrv.nl
1 dns.google ncdn22.xyz
1 cdn.jsdelivr.net videocdnmetrika.com
1 alleviatepracticableaddicted.com ncdn22.xyz
1 commentsmodule.com ncdn22.xyz
36 12

This site contains no links.

Subject Issuer Validity Valid
downsfrip.xyz
GTS CA 1P5
2023-05-03 -
2023-08-01
3 months crt.sh
ncdn22.xyz
GTS CA 1P5
2023-04-19 -
2023-07-18
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
testingmetriksbre.ru
GTS CA 1P5
2023-04-22 -
2023-07-21
3 months crt.sh
commentsmodule.com
GTS CA 1P5
2023-04-18 -
2023-07-17
3 months crt.sh
alleviatepracticableaddicted.com
R3
2023-05-02 -
2023-07-31
3 months crt.sh
*.videocdnmetrika.com
GTS CA 1P5
2023-04-04 -
2023-07-03
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
dns.google
GTS CA 1C3
2023-05-08 -
2023-07-31
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-03-17 -
2023-08-27
5 months crt.sh
wsrv.nl
E1
2023-05-02 -
2023-07-31
3 months crt.sh
www.greenlanemarketing.com
R3
2023-03-29 -
2023-06-27
3 months crt.sh

This page contains 3 frames:

Primary Page: https://netutv.downsfrip.xyz/?p=1390
Frame ID: F0367E660A50785C2AF6B4D3BE520E7E
Requests: 5 HTTP requests in this frame

Frame: https://ncdn22.xyz/blocked.html
Frame ID: 16511FE1FA57AE5143B6403C9BD78825
Requests: 25 HTTP requests in this frame

Frame: https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
Frame ID: 47C5BC7FD31A8581248C86B21CA0AD4D
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Virupaksha tel embed source netutv | Streaming Netu Embed Movies

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

36
Requests

97 %
HTTPS

83 %
IPv6

12
Domains

12
Subdomains

13
IPs

2
Countries

777 kB
Transfer

1360 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1xbwdxt5f7y0a20lu2cmgnz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1043%3Acn%3A1%3Adp%3A0%3Als%3A967277611869%3Ahid%3A756259005%3Az%3A0%3Ai%3A20230526042424%3Aet%3A1685075064%3Ac%3A1%3Arn%3A272629545%3Arqn%3A1%3Au%3A168507506420641150%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C48%2C114%2C1%2C2%2C0%2C%2C11%2C0%2C%2C%2C%2C189%3Aco%3A0%3Acpf%3A1%3Ans%3A1685075063691%3Arqnl%3A1%3Ast%3A1685075064%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1xbwdxt5f7y0a20lu2cmgnz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1043%3Acn%3A1%3Adp%3A0%3Als%3A967277611869%3Ahid%3A756259005%3Az%3A0%3Ai%3A20230526042424%3Aet%3A1685075064%3Ac%3A1%3Arn%3A272629545%3Arqn%3A1%3Au%3A168507506420641150%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C48%2C114%2C1%2C2%2C0%2C%2C11%2C0%2C%2C%2C%2C189%3Aco%3A0%3Acpf%3A1%3Ans%3A1685075063691%3Arqnl%3A1%3Ast%3A1685075064%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
netutv.downsfrip.xyz/
13 KB
4 KB
Document
General
Full URL
https://netutv.downsfrip.xyz/?p=1390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0933a2eb683efe0e9767e3d68068c2f50b09397eaeb1dce9b2cfa99b92b3db6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cd33f8879cc1961-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 04:24:23 GMT
link
<https://netutv.downsfrip.xyz/index.php?rest_route=/>; rel="https://api.w.org/" <https://netutv.downsfrip.xyz/index.php?rest_route=/wp/v2/posts/1390>; rel="alternate"; type="application/json" <https://netutv.downsfrip.xyz/?p=1390>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHhCbdPKMtD1JJDjcBpEubI%2FrFkZXpQStdyHxzPXOKT2170eMrqCVnTm5vZkZ1JEGLitmbbIOp0e%2FLKcGlhF8KoKveDBzjmDHI8hfF9kddeQLzkQhHgR5m8bk5oV8QgKpMkRyqovUnW26hZZ%2BHXJCQS5Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
miss
x-pingback
https://netutv.downsfrip.xyz/xmlrpc.php
x-turbo-charged-by
LiteSpeed
style.min.css
netutv.downsfrip.xyz/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://netutv.downsfrip.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.3
Requested by
Host: netutv.downsfrip.xyz
URL: https://netutv.downsfrip.xyz/?p=1390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netutv.downsfrip.xyz/?p=1390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 May 2023 17:18:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
169969
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voHm%2BIO4NS3IL6O4nUKluFHUbXrNPh6RFgVr3k1fY7WCwGvwEwRXwT02pZ7oIDhV7SogCUCg4r%2F55%2F6gLQSk2i64SmCJJ1fdEsbyNZeXWFLYjKLD8AEVGDhObu3TGX6SiarMOnPxboQ7MkYOdD9YNRU%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cd33f893a801961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 31 May 2023 05:11:34 GMT
classic-themes.min.css
netutv.downsfrip.xyz/wp-includes/css/
217 B
478 B
Stylesheet
General
Full URL
https://netutv.downsfrip.xyz/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: netutv.downsfrip.xyz
URL: https://netutv.downsfrip.xyz/?p=1390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netutv.downsfrip.xyz/?p=1390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 05:19:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
169969
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foitCx9WT8ZIHkD09B%2FiLB8SpRb9X9hyEIqBtQbvqA1U4neg3%2BxLYCu0ZxhW7iiVZ8%2F%2F7sePbPxH7XO9ggNg2OjJth1l2kYt956cLKOGLmWJZXZ6AnQVw9%2FJ%2FpOxyP%2FpDgywe8QfVJ9R0xmDYPrZo%2B8X3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cd33f893a851961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 31 May 2023 05:11:34 GMT
style.css
netutv.downsfrip.xyz/wp-content/themes/ivideo/
2 KB
1 KB
Stylesheet
General
Full URL
https://netutv.downsfrip.xyz/wp-content/themes/ivideo/style.css?ver=6.1.3
Requested by
Host: netutv.downsfrip.xyz
URL: https://netutv.downsfrip.xyz/?p=1390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ee788393557979384e776bccdcdfbb23a33791516151e87e74d25ce6563837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netutv.downsfrip.xyz/?p=1390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 28 Jan 2023 20:46:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
169969
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ5iCq97fZdV8EJ%2FnDRFcMtpXmOvL1Im4HHSiU6fOfFWMLRCQ0U3InbW5DuL%2FuQg%2BcWULHJq4X6JWsquzafPszkQfWyfMl3R1iB3cEF7ePi5NzFQizxzYUOQZYzZXEH%2BtV9W%2FHgpE8Gzbjo3Zd6tCrLxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7cd33f893a861961-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 31 May 2023 05:11:34 GMT
TWJHbUNzZHpxd29MYktyejI0YWFNUT09
ncdn22.xyz/e/ Frame 1651
144 KB
37 KB
Document
General
Full URL
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Requested by
Host: netutv.downsfrip.xyz
URL: https://netutv.downsfrip.xyz/?p=1390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998f718be2cb5756cb6aa26683ce205e7e39e4e0c78cdc549f123be6e957c711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://netutv.downsfrip.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7cd33f899da89b69-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 26 May 2023 04:24:23 GMT
link
<//ncdn22.xyz>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR1eipeSeis7mGukyfSB9OWbYE2JWbPiqm08%2Br1WI3x0ZA0KqPL7Sm%2BtT5ifaqlyT9Wl%2B4EjOP3Vn%2BXdr%2F71qZMcJsY4Gk53XZ2LkxPJJSrW9uVqiqH1Voz9AF61mgSuo756euEnZdi6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno
EXPIRED
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
white_sand.png
netutv.downsfrip.xyz/wp-content/themes/ivideo/images/
21 KB
21 KB
Image
General
Full URL
https://netutv.downsfrip.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by
Host: netutv.downsfrip.xyz
URL: https://netutv.downsfrip.xyz/wp-content/themes/ivideo/style.css?ver=6.1.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3263 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netutv.downsfrip.xyz/wp-content/themes/ivideo/style.css?ver=6.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
169966
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21591
last-modified
Mon, 20 Jul 2015 14:56:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1bIp0LmctKh9YZCctDQGNftRpN9%2F5%2BVEWmmiaIaCvICNV3tFv6%2FPDOrO7y%2FuB8y%2FIhPRkG52jXV81iAjw9vIsOylD3kZXejwT9pcKAxxqjAE0MI%2FInf3oE%2BxrWAJqxxcrVRsXl2YJxFodCXessI%2Bw%2Bj4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7cd33f897aa91961-FRA
expires
Wed, 31 May 2023 05:11:37 GMT
websocket_ip.min.js
ncdn22.xyz/js/ Frame 1651
5 KB
2 KB
Script
General
Full URL
https://ncdn22.xyz/js/websocket_ip.min.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8260984
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
cloudflare
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G31jgfSvmX2%2Bmy3yi%2F9YnOZEK7wU%2FChd6MvYz2%2BovnvVhoVpsuX2QJmhi9m8buNuMeWs%2FIxVZS%2BkRUXOt1dOqlKfLO94Gkn%2BjRQVQ2nv2mep6TgTABUNmeCiMysgjMAW0WJ8%2Bnp46BTb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e6a9b69-FRA
email-decode.min.js
ncdn22.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 1651
1 KB
1 KB
Script
General
Full URL
https://ncdn22.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 May 2023 14:45:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64678b77-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zglrFlgTAC2%2FUv3cvs1Wa1eSg%2BsWrEp6Lrlf%2BKqsI%2FoKjew3TMbWffvyhyYmG8I%2FWyCRC5zi87smNDOojWvF%2FxAWFPbdkuFLLeWXWHPsY9W3EDMB4dI7NWzNpNTLIzWRI3fUCcSHU1Wp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7cd33f8a2e6e9b69-FRA
expires
Sun, 28 May 2023 04:24:23 GMT
embed_player.3.css
ncdn22.xyz/styles/global/ Frame 1651
6 KB
2 KB
Stylesheet
General
Full URL
https://ncdn22.xyz/styles/global/embed_player.3.css?130
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8260983
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
cloudflare
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4o%2FyND8yNBWuF%2BAUtpTp8vGajle1%2F11lyA1I22NfcZ7SIBO%2FJMigXSZK3mzxlkcxzY1%2FpqH9BtRMAHCQznXc1gXiiRRKa3yX1Crk9LVC%2BKuUu8eGjmT3S8fVIE3sDO2nUp37IenWdXn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e6f9b69-FRA
modernizr.js
ncdn22.xyz/js/video.jquery_plugs/ Frame 1651
1 KB
957 B
Script
General
Full URL
https://ncdn22.xyz/js/video.jquery_plugs/modernizr.js?12
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8260983
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Sun, 03 Jun 2018 17:19:35 GMT
server
cloudflare
etag
W/"5b142327-4cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1pi6%2BEPdc5GX730RGqDlfOSVMNKWd5jfD%2Fr9M6B0yJptSFA11tILs6M%2BiC8TiNa8Udi1mY%2FL%2FgXK4yifOhgL5RR2%2BAxW1WgNj78AJd2eC8bJk0QK%2FKaRUDfIs7YSQRbfaW4VQDnRBZg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e719b69-FRA
progressbar.min.js
unpkg.com/progressbar.js@1.1.0/dist/ Frame 1651
29 KB
9 KB
Script
General
Full URL
https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2420213
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GZ30PT4EPJX4K43T664DFPTM-fra
server
cloudflare
etag
W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7cd33f8a889f9b70-FRA
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame 1651
84 KB
30 KB
Script
General
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5768047
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GVZ7Z1T62SC7GHYBE2MHVJDC-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7cd33f8a88a09b70-FRA
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame 1651
3 KB
1 KB
Script
General
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20146511
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01GEJQK5JWTXJ3WXSGVH2Z05MG-fra
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7cd33f8a88a19b70-FRA
d_check.js
ncdn22.xyz/js/ Frame 1651
3 KB
1 KB
Script
General
Full URL
https://ncdn22.xyz/js/d_check.js?34
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8260982
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fs%2BsS165kHwcFpidHiOfTooFPUuc6BC4pWTRpC7gDmnDMbd56OvHtWVTRhtfXvRb9xS5Lkoqc0%2B%2BM%2BqHxCEWwoVIFqtcqU%2BSJkC1b3liibcRzBzkVuT8zt%2BIJQkSEGUfzXJVj%2FuBjnyu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e729b69-FRA
embed.211.js
ncdn22.xyz/js/ Frame 1651
167 KB
41 KB
Script
General
Full URL
https://ncdn22.xyz/js/embed.211.js?736
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
2291732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Sat, 29 Apr 2023 15:48:32 GMT
server
cloudflare
etag
W/"644d3c50-29c06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSBkejcSHtx7R4AzvpV%2FSlqzDr4XYOOYs26qXNaQpmQ2D4XiVQ7B%2Bm69ASDaP1oA7sYz7pwSvdfan0TBz9aHfxtVNNqGlYyHTsGY4JClOS%2FPAYv4zf98bqePYNwE7ky8fHAUxsRlNGjF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e739b69-FRA
popunder.js
ncdn22.xyz/ad/api/ Frame 1651
21 B
360 B
Script
General
Full URL
https://ncdn22.xyz/ad/api/popunder.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
x-cache-status-inferno-s
MISS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3713973
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
cloudflare
etag
"6141fdde-15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGOdzzOJq2UW11dquTAz6JJYOUr%2BhYhwvBnqLT9Oy1Xm8ZBqhsxXf9h7ZIzyQf%2FI8muDnFtb%2BsLwE15MzeFVDe0nfqAmm2sarLnRSw6tOWDhN98mhcVJvQKcaoKfSrU%2BYkODys4wnB1D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7cd33f8a2e749b69-FRA
fuckadblock.js
ncdn22.xyz/js/adv/ Frame 1651
14 KB
4 KB
Script
General
Full URL
https://ncdn22.xyz/js/adv/fuckadblock.js?2
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8260981
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Tue, 27 Aug 2019 17:39:04 GMT
server
cloudflare
etag
W/"5d656ab8-369e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3akNoHGET5Wsn3VN5JeK2V3hhVvrdwomk9mHrJqcw0IsFEfnnHmIAWR4t0rZZiwNiTI7Tbwnlgn0nca%2FJ7l7HjT59rBhOi7sB7YnSebCEZ56XzOPtbxR%2Bul%2FihtUywB3griJZd2KMdY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8a2e759b69-FRA
netu.php
testingmetriksbre.ru/ Frame 1651
1 KB
1 KB
Script
General
Full URL
https://testingmetriksbre.ru/netu.php
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9Pa045%2B11I1pxvwylfZ%2Fn52xWDkuF3Dgy44IYLW0tTpwIh1pQStbToWVt%2BtGJfZ0PBAcnQ%2Bpzfh30D5TMN5D9QoFKQ8QdaNMld4hHd10UAa%2FP3TkzHTR1EEWsUQ%2Fqh4Flc9kzlbr6dNIbvQ2gFQCjuOPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7cd33f8a89526937-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js.load.1.js
commentsmodule.com/js/ Frame 1651
0
0
Fetch
General
Full URL
https://commentsmodule.com/js/js.load.1.js?7324741654406843
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
2104921
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Thu, 14 Apr 2022 12:20:52 GMT
server
cloudflare
etag
"625811a4-0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9psqisotn1goDbGBNSqBJjR185QA69a9CZ1Ow7NqDA7v%2FWQiCyaLUa2m9LY2dQx9UbX6yS5QTIRdI0Jh7mQUT5BArIMV3JBE6U8dy8M%2Ffu%2FcjEzQ56DGsgAuRMLJxY%2BbLfwoicAo8G5IfTeD3z2IqJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7cd33f8b39d08ffa-FRA
script-2.12.5.js
ncdn22.xyz/js/ Frame 1651
19 KB
5 KB
Script
General
Full URL
https://ncdn22.xyz/js/script-2.12.5.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/js/embed.211.js?736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
x-cache-status-inferno-s
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
8261182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Tue, 01 Dec 2020 19:28:37 GMT
server
cloudflare
etag
W/"5fc69965-4cb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZMttQ7E0OYMReA9f8raRoinMIaoteSbA%2FT6YCs0wHUbiib2wdMI8vty%2Bt%2FWkgGXJT0fk0UfX3lWXbC516%2BopnFjV1wNOTJSwSjR5eOdFBJqlF2di9NCl%2FxsfUdDZzdavlKQZaL%2FlqHi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7cd33f8b0b6918d5-FRA
trace
ncdn22.xyz/cdn-cgi/ Frame 1651
315 B
418 B
XHR
General
Full URL
https://ncdn22.xyz/cdn-cgi/trace
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1ebe2bd3f49cae4ecbf3b597a786d23c5a2cdd0437b90d7546dba0a52971a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7cd33f8b1b6c18d5-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
ab0be2a44b7ecf91bdbd5cd360d84937.js
alleviatepracticableaddicted.com/ab/0b/e2/ Frame 1651
0
0
Script
General
Full URL
https://alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 04:24:23 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
get_player_image.php
ncdn22.xyz/player/ Frame 1651
23 KB
14 KB
XHR
General
Full URL
https://ncdn22.xyz/player/get_player_image.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6d7dfa00d2b0e390f537d5830a1dc421c1ecf7250c2742efe60cc91572a01a

Request headers

Accept
*/*
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

x-img-cr
j
date
Fri, 26 May 2023 04:24:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-inferno-limit-req
PASSED
x-clickarr-add-e
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-inferno-location
player
pragma
no-cache
x-image-size
17021
server
cloudflare
x-image-colors
0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3MDEhYJdFAdl1M0SsToO2uufms0RZqejewQol%2F6tgJ2cpBp4vimRFFpKANp3Wd7jElwWv34eQMlrMB6CfEm3%2FMmmlluHMQ0r%2F2CxTwFZAFdchoi2GuhC%2Fn1fzkm%2FSp3cqpLV8zcdGb7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
x-origin-location
get_image
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
cf-ray
7cd33f8b6bb718d5-FRA
x-file-located
temp, filename:../files/temp/video_images/z/5/1684610980tbc5z-1.jpg
x-image-colors-src
0
f.php
testingmetriksbre.ru/ Frame 47C5
4 KB
2 KB
Document
General
Full URL
https://testingmetriksbre.ru/f.php?sid=212040
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/netu.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
b571d089cc4e6c0a45fb72bab91ceaaf26ba50c2c2779c9df363e87b23d6f4ff

Request headers

Referer
https://ncdn22.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7cd33f8b6a106937-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 04:24:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5%2FfWZXp5250LKm0n5rYwH715h%2FoEqwu5eNnUtsYwTH%2F0HM5mv%2Bv6qH9V8kRP2M1o8oiyo6P2jhiSk2yndXFiiE4VKGUf1ANUzPoM1DfjfrayGjDwKTGtfh8qT%2BtrhV8hMWo6TBcMDEADc2oSdQX8%2FpoaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
banner.gif
testingmetriksbre.ru/ads/ Frame 47C5
42 B
544 B
Image
General
Full URL
https://testingmetriksbre.ru/ads/banner.gif
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:aa2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://testingmetriksbre.ru/f.php?sid=212040
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62c46f48-2a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6KHcCwOf7OopRVCRikLvjK%2BPuUfmMiUORx7wLqhNtVE40N7gNuI3%2Blu%2FJL%2BuXBycmya8AdMHchXrXcfTGPH5QZU5s2%2BgJdnEG8fJPOq4F%2FgiNiO0PuAVVzVm56L%2ByRUKylS%2Fwic1dHi3LSt0Ap5CreiAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
7cd33f8bfbe09950-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
f.php
videocdnmetrika.com/ Frame 47C5
4 KB
2 KB
Document
General
Full URL
https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
Requested by
Host: testingmetriksbre.ru
URL: https://testingmetriksbre.ru/f.php?sid=212040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e92efbfaa89562bf7db7225f24931a041c0e2ea47a392df15978d0a22fb11f2f

Request headers

Referer
https://testingmetriksbre.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7cd33f8c7a9903b8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 04:24:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWRucP6ktpYD1qyLZXcizMaNBlw6pA22T2wRmrziZ7OI0F7ps9acW%2BCaB%2FdyOcHddsqMnYUvaxvgjRn3GITPfw38XQCTA4Vx4j38r9K%2FoqAGlWuUArbRBHBJE9uxmjkUyRzEP9tF40dxMKpgbL9k47xl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
truncated
/ Frame 1651
17 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4dd35c026f7e20c912ad21c3e4128016ede063a6458824f5e09b77b804ad1b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/jpeg
banner.gif
videocdnmetrika.com/ads/ Frame 47C5
42 B
408 B
Image
General
Full URL
https://videocdnmetrika.com/ads/banner.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:23 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
914
etag
"62c46f48-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwQvO8JSm2s9HhYG8E09NU8NMFJXHCL1rdb9tXXd6LyoNQNHyzumMj4oWSlM2ucw1SuQkB5Rd8614IteAbjvt1meslfshg%2B5mshen2mlO1h1wywCS%2BgvrbAi6Gl9itOOgwLrWD%2FMlog7aKFR4BEjZ9KW"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7cd33f8d4b4a03b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 47C5
213 KB
88 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88e5119a2a55b0d746d89a722411f9ced41286d6b26f567f199486f1c5952a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 May 2023 04:24:23 GMT
x-content-type-options
nosniff
content-encoding
br
age
12080
x-jsd-version
1.276.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89387
x-served-by
cache-fra-eddf8230114-FRA
x-jsd-version-type
version
etag
W/"3558e-x/TQEw7mwfKI62Fvk0X+zRBzlZI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
resolve
dns.google/ Frame 1651
277 B
488 B
Fetch
General
Full URL
https://dns.google/resolve?name=24.218.114.217.in-addr.arpa&type=PTR&cd=true
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4860::8888 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
9e82653e81adaa7a1c7b0154397a5e2988b5474adbc32303b0c515e75d9f9cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 May 2023 04:24:23 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=21600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192
x-xss-protection
0
expires
Fri, 26 May 2023 04:24:23 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 47C5
43 B
511 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?sid=212040&rand=49089145
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 24 May 2023 11:18:57 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"646dc871-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 26 May 2023 05:24:24 GMT
1
mc.yandex.ru/watch/90175160/ Frame 47C5
Redirect Chain
  • https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%...
  • https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=ch...
435 B
518 B
XHR
General
Full URL
https://mc.yandex.ru/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1xbwdxt5f7y0a20lu2cmgnz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1043%3Acn%3A1%3Adp%3A0%3Als%3A967277611869%3Ahid%3A756259005%3Az%3A0%3Ai%3A20230526042424%3Aet%3A1685075064%3Ac%3A1%3Arn%3A272629545%3Arqn%3A1%3Au%3A168507506420641150%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C48%2C114%2C1%2C2%2C0%2C%2C11%2C0%2C%2C%2C%2C189%3Aco%3A0%3Acpf%3A1%3Ans%3A1685075063691%3Arqnl%3A1%3Ast%3A1685075064%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
dcbd40f21b446bcb74fe25ed91b5c904cb29e44e2cd2c0d8e3144423624359ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 May 2023 04:24:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 26-May-2023 04:24:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://videocdnmetrika.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Fri, 26-May-2023 04:24:24 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 May 2023 04:24:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 26-May-2023 04:24:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90175160/1?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fsid%3D212040%26rand%3D49089145&page-ref=https%3A%2F%2Ftestingmetriksbre.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1xbwdxt5f7y0a20lu2cmgnz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1043%3Acn%3A1%3Adp%3A0%3Als%3A967277611869%3Ahid%3A756259005%3Az%3A0%3Ai%3A20230526042424%3Aet%3A1685075064%3Ac%3A1%3Arn%3A272629545%3Arqn%3A1%3Au%3A168507506420641150%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C48%2C114%2C1%2C2%2C0%2C%2C11%2C0%2C%2C%2C%2C189%3Aco%3A0%3Acpf%3A1%3Ans%3A1685075063691%3Arqnl%3A1%3Ast%3A1685075064%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://videocdnmetrika.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 26-May-2023 04:24:24 GMT
_adview_.ad.json
ncdn22.xyz/ad/banner/_adsense_/_adserver/ Frame 1651
2 B
432 B
XHR
General
Full URL
https://ncdn22.xyz/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=71676843
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/js/adv/fuckadblock.js?2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UE1AGXiu49Nxx9rDJMvMLqgVouhJ%2FG2pOYuSq93yJubfX%2B%2Fl%2B6dHvY1xvYvLRMb0nrPtiMfb9ALIlk1yZeArHwqaDtjK9bpYRlD%2FXthbOdp9UFm10y4ZdauHkmgYnyxb8fwWCJGBxErY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
7cd33f8f9eed18d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-inferno-location
banner
_adview_.ad.json
ncdn22.xyz/ad/banner/_adsense_/_adserver/ Frame 1651
2 B
434 B
XHR
General
Full URL
https://ncdn22.xyz/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=51254033
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/js/adv/fuckadblock.js?2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UMj68wKoYmiYPQlgL5dkxJpx39KIwNz%2FhiBTHwr41h9dbz4Tk5QdB4kBpb2EIo%2BS%2BkTK%2FstTBvoJRIDGRbqd6udCs48n29XRbrkSfA%2FCvShxReefY%2B8pQqbyDHpcg90JTmNvY6CGg%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
7cd33f8fff2e18d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
x-inferno-location
banner
/
wsrv.nl/ Frame 1651
0
546 B
Image
General
Full URL
https://wsrv.nl/?url=cdn-s9.cfglobalcdn.com%2Fflv%2Fapi%2Ffiles%2Fthumbs_new%2F2023%2F05%2F20%2F1684610980tbc5z%2F1684610980tbc5z-640x480-1.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ncdn22.xyz/
Origin
https://ncdn22.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-images-api
5
date
Fri, 26 May 2023 04:24:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDj%2Fa%2BVXbekiTmm7brilqEIcmW1ei09Alf4eEcQ8Qsy2JCAILD2lH6Vlm3kg%2BQOU05ZjRFMKy%2BovyFjIDrQnBBDUCoUNGHbSvhfb136UY7mA%2BzzUn0xNeMuk4o16DVA1PiuuZnsH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cf-ray
7cd33f906aa93a5c-FRA
alt-svc
h3=":443"; ma=86400
blocked.html
ncdn22.xyz/ Frame 1651
2 KB
1 KB
Document
General
Full URL
https://ncdn22.xyz/blocked.html
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/js/embed.211.js?736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eda7239b0768d5e229e465e42c5c7008bf6d6e206d3c647fcb08961614c813da

Request headers

Referer
https://ncdn22.xyz/e/TWJHbUNzZHpxd29MYktyejI0YWFNUT09
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
accessing-static
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
cf-cache-status
DYNAMIC
cf-ray
7cd33f959c0918d5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 May 2023 04:24:25 GMT
last-modified
Thu, 30 Apr 2020 05:17:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Fs2UzScI4QSYTO9EHEG5IfAXY1J%2Fh%2FmY5HTbvEzGdscNjqpqcIWnTI1sJkXZIJGRvX3jNx49YsX4Yi9HErForRbrg32TaYxy7aHtNcL2wnE0irzzVcEEaMiTYXf8QbDa%2BhTPitRsZf9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno-s
MISS
x-inferno-location
static
blocked.png
www.greenlanemarketing.com/wp-content/uploads/2015/03/ Frame 1651
490 KB
490 KB
Image
General
Full URL
https://www.greenlanemarketing.com/wp-content/uploads/2015/03/blocked.png
Requested by
Host: ncdn22.xyz
URL: https://ncdn22.xyz/blocked.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.247.193 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
193.247.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
11fc82362e782179a0fa1cc4ec21299e2cb7bcfebb8a0c1781c0ca6533277f23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ncdn22.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 26 May 2023 04:24:25 GMT
last-modified
Thu, 12 Mar 2020 14:03:01 GMT
server
nginx
etag
"5e6a4115-7a655"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
501333

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

10 Cookies

Domain/Path Name / Value
ncdn22.xyz/ Name: uid
Value: 0xyrAa4D2qaxd8ooQ1KqJIfz3X9VNHF3
.videocdnmetrika.com/ Name: _ym_uid
Value: 168507506420641150
.videocdnmetrika.com/ Name: _ym_d
Value: 1685075064
mc.yandex.ru/ Name: yabs-sid
Value: 2275923221685075064
.yandex.ru/ Name: i
Value: V/TeDgK7P0iFi2nKhTgjzku1r7ZwfMY9nQNn9dhdTWPxL5FMuVLvH4UXnME97LHSPEdgtd2DQoMA6VElfJ23rEz8Q7g=
.yandex.ru/ Name: yandexuid
Value: 240694031685075064
.yandex.ru/ Name: yuidss
Value: 240694031685075064
.yandex.ru/ Name: ymex
Value: 1716611064.yc.1685075064#1716611064.yrts.1685075064#1716611064.yrtsi.1685075064
.yandex.ru/ Name: bh
Value: KgI/MA==
.videocdnmetrika.com/ Name: _ym_isad
Value: 2

4 Console Messages

Source Level URL
Text
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'bluetooth'.
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://testingmetriksbre.ru/netu.php(Line 3)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://alleviatepracticableaddicted.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alleviatepracticableaddicted.com
cdn.jsdelivr.net
commentsmodule.com
dns.google
mc.yandex.ru
ncdn22.xyz
netutv.downsfrip.xyz
testingmetriksbre.ru
unpkg.com
videocdnmetrika.com
wsrv.nl
www.greenlanemarketing.com
104.196.247.193
192.243.59.20
2001:4860:4860::8888
2606:4700:3031::6815:5fe6
2606:4700:3033::6815:3263
2606:4700:3037::ac43:aa2d
2606:4700::6810:7daf
2606:4700:e4::ac40:a910
2a02:6b8::1:119
2a04:4e42:400::485
2a06:98c1:3120::3
2a06:98c1:3121::3
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0933a2eb683efe0e9767e3d68068c2f50b09397eaeb1dce9b2cfa99b92b3db6a
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f
11fc82362e782179a0fa1cc4ec21299e2cb7bcfebb8a0c1781c0ca6533277f23
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615
3c6d7dfa00d2b0e390f537d5830a1dc421c1ecf7250c2742efe60cc91572a01a
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
88e5119a2a55b0d746d89a722411f9ced41286d6b26f567f199486f1c5952a99
8b1ebe2bd3f49cae4ecbf3b597a786d23c5a2cdd0437b90d7546dba0a52971a3
998f718be2cb5756cb6aa26683ce205e7e39e4e0c78cdc549f123be6e957c711
9e82653e81adaa7a1c7b0154397a5e2988b5474adbc32303b0c515e75d9f9cb5
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
b041e7b08a99e947327a5faf96e5ab7aeef39a467c0ef2240710a19857743da3
b571d089cc4e6c0a45fb72bab91ceaaf26ba50c2c2779c9df363e87b23d6f4ff
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c8ee788393557979384e776bccdcdfbb23a33791516151e87e74d25ce6563837
dcbd40f21b446bcb74fe25ed91b5c904cb29e44e2cd2c0d8e3144423624359ca
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92efbfaa89562bf7db7225f24931a041c0e2ea47a392df15978d0a22fb11f2f
eda7239b0768d5e229e465e42c5c7008bf6d6e206d3c647fcb08961614c813da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4dd35c026f7e20c912ad21c3e4128016ede063a6458824f5e09b77b804ad1b5
fd45bb46808611318ab74c39100ef0aa9aa78e5ad508e6219d0ec8d4d52f2a46