ar-state.com Open in urlscan Pro
104.21.44.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Submission: On September 20 via manual (September 20th 2021, 12:22:39 pm UTC) from CH — Scanned from DE

Summary HTTP 98 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 19 domains to perform 98 HTTP transactions. The main IP is 104.21.44.254, located in and belongs to CLOUDFLARENET, US. The main domain is ar-state.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2021. Valid for: a year.

This is the only time ar-state.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.21.44.254 104.21.44.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::6815:4529	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	185.156.202.211 185.156.202.211	56388 (AMBER-AS ...) (AMBER-AS ---CLIENTS---)
16	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
6	104.19.135.80 104.19.135.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.19.139.80 104.19.139.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.225.78.28 13.225.78.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:6a::6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	64.58.116.142 64.58.116.142	7979 (SERVERS-COM) (SERVERS-COM)
98	23

7 104.21.44.254 (None, )

ASN13335 (CLOUDFLARENET, US)

ar-state.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:4529 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.156.202.211 (Belize)

ASN56388 (AMBER-AS ---CLIENTS---, BZ)

m.uttclimber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.135.80 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.139.80 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.28 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:6a::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5ednsl.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.116.142 (United States)

ASN7979 (SERVERS-COM, US)

c.siteswithcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	steepto.com cdn.steepto.com s-img.steepto.com cm.steepto.com	111 KB
14	youtube-nocookie.com www.youtube-nocookie.com	736 KB
13	mgid.com jsc.mgid.com c.mgid.com servicer.mgid.com cm.mgid.com	202 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	212 KB
8	ytimg.com i.ytimg.com	143 KB
7	googlevideo.com r1---sn-4g5ednsl.googlevideo.com	1 MB
7	ar-state.com ar-state.com	80 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	siteswithcontent.com cdn.siteswithcontent.com c.siteswithcontent.com	3 KB
3	bootstrapcdn.com netdna.bootstrapcdn.com maxcdn.bootstrapcdn.com	94 KB
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	youtube.com www.youtube.com	46 KB
2	uttclimber.com m.uttclimber.com	55 KB
2	facebook.net connect.facebook.net	69 KB
1	facebook.com www.facebook.com
1	ggpht.com yt3.ggpht.com	2 KB
1	google.com www.google.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
98	19

	Domain	Requested by
14	www.youtube-nocookie.com	www.youtube.com www.youtube-nocookie.com ar-state.com
10	s-img.steepto.com	ar-state.com jsc.mgid.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
8	i.ytimg.com	ar-state.com
7	r1---sn-4g5ednsl.googlevideo.com	www.youtube-nocookie.com
7	ar-state.com	ar-state.com
5	c.mgid.com	jsc.mgid.com cdn.siteswithcontent.com ar-state.com
5	jsc.mgid.com	ar-state.com jsc.mgid.com
4	cdn.steepto.com	ar-state.com jsc.mgid.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com ar-state.com
3	fonts.googleapis.com	ar-state.com client
2	www.gstatic.com	www.youtube-nocookie.com www.gstatic.com
2	match.adsrvr.org	2 redirects
2	cm.steepto.com	jsc.mgid.com
2	servicer.mgid.com	jsc.mgid.com
2	www.youtube.com	ar-state.com www.youtube.com
2	m.uttclimber.com	ar-state.com
2	connect.facebook.net	ar-state.com connect.facebook.net
2	cdn.siteswithcontent.com	ar-state.com cdn.siteswithcontent.com
2	netdna.bootstrapcdn.com	ar-state.com netdna.bootstrapcdn.com
1	c.siteswithcontent.com
1	www.facebook.com	connect.facebook.net
1	cm.mgid.com	ar-state.com
1	yt3.ggpht.com	ar-state.com
1	www.google.com	www.youtube-nocookie.com
1	maxcdn.bootstrapcdn.com	ar-state.com
1	cdnjs.cloudflare.com	ar-state.com
1	ajax.googleapis.com	ar-state.com
98	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
herbeauty.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-01` - `2022-07-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
uttclimber.com R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
siteswithcontent.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Frame ID: D393F2C20FD1875DC8C4B046D62477DF
Requests: 58 HTTP requests in this frame

Frame: https://jsc.mgid.com/f/r/frlist.info.385488.js?t=202182012
Frame ID: 1192A916CE63C8BC17386751B95C251F
Requests: 7 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: DF35E3AC566D7E8D0F6DB34ADE999DF9
Requests: 1 HTTP requests in this frame

Frame: https://m.uttclimber.com/
Frame ID: 59D4F8BC4A2720095D15CE807A26CCDD
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
Frame ID: B786A1049FABCAE6909AEDABF30C8A47
Requests: 29 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=163214055257560404159
Frame ID: 06FF9ED8F545BB6654BA9BEAEE11BB03
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a37271f0eec%26domain%3Dar-state.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Far-state.com%252Ff2ce811d6012948%26relation%3Dparent.parent&color_scheme=light&container_width=1021&height=100&href=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
Frame ID: 0895BE60D95746F1A85D50BD1AB9512E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How to Spot the 3 Fake ID Types! Bouncer Tips 2019

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

28
Subdomains

23
IPs

4
Countries

3310 kB
Transfer

6554 kB
Size

15
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Far-state.com

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Far-state.com

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/lifestyle/9-of-the-best-family-friendly-dog-breeds/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/6-female-tv-characters-that-deserve-their-own-spinoff/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/en/entertainment/7-beloved-movies-that-would-be-problematic-today/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-necessary-styling-tips-a-tall-girls-need-to-know/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/entertainment/8-once-loved-celebs-who-are-now-hated/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/11-signs-you-re-too-much-of-a-perfectionist/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/fashion/12-female-fashion-statements-guaranteed-to-repel-men/

Search URL Search Domain Scan URL

URL: https://herbeauty.co/lifestyle/10-most-influential-women-in-history/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&c9=

Request Chain 76

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=029ee8aa-0f96-4dae-8e5b-36d0d910ba5f&ttl=1634732553

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request how-to.html Show response
ar-state.com/v/lJipftyRe8uirNo/ 48 KB
13 KB 1562ms
1522ms Document
text/html 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f842bac894347b588d99240059fcecfc38ef23f43b22f99ad1fbcf4332ca9056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: ar-state.com
:scheme: https
:path: /v/lJipftyRe8uirNo/how-to.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=14400, no-transform
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 20 Sep 2021 12:22:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFpl5zaSKq2qE60xVwqoqbgBjpesraneT5FkLVHGWnoQWHEr6VJxJIZ%2BwwDL4xd07USYphSuOTXpjdK8kt3061WrTzKN7jYhYXmovvoRwUg8pO2qbNORWVN4%2FFwgTvA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 691b0505ea9205f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 54 KB
3 KB 44ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34e55059b2641fbeb1905a7cfd7b69c3970670b962f45a1a12f3047591a49fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 12:22:31 GMT
server: ESF
date: Mon, 20 Sep 2021 12:22:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 12:22:31 GMT

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 37 KB
8 KB 37ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=4.9.7

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718, 718
age: 12985651
cdn-cachedat: 2021-04-23 06:59:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c5faf1e0cd0b7f0c279448adec2a6391
cf-ray: 691b050faaa15c0e-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 style.css
ar-state.com/css/ 83 KB
16 KB 19ms
18ms Stylesheet
text/css 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/css/style.css?ver=4.9.7

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e120c901fa79ebc3ba0290c9b2b4dfbb3b906f99295e78fe56abc4999ccf3191

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /css/style.css?ver=4.9.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10907295
cf-polished: origSize=85942
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Sep 2019 16:58:52 GMT
server: cloudflare
etag: W/"5d85054c-14fb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPmzunTleKO%2FT8DcasCw5Fufuq4LJplzsHKDyhCDct0L7iLidn7U5rJY1cqHX04e3xWSgABd8Ma9ZHoc1VUw6aDNX1beXwuEZTbYPkayamiw%2B1MbYEfvI4tk%2FjrkCGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 691b050f8bd905f5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 media-queries.css
ar-state.com/css/ 62 KB
8 KB 21ms
20ms Stylesheet
text/css 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/css/media-queries.css?ver=4.9.7

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b36f21287eb023a9da87936acd63e1ad0750781e2539b15247c2c4a6ddea5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /css/media-queries.css?ver=4.9.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10872855
cf-polished: origSize=65132
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 05 Mar 2019 12:49:10 GMT
server: cloudflare
etag: W/"5c7e7046-fe6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zq3BK95rhO7BTnJHa%2FjYqiwZdOh3x0WpXVW1kXtLoZBATolXeq%2BbKiCTvaXwdcIgt%2FXh8%2Fy6%2FaLVoC5Ry5mG6dydlmqT41RnUVpPPcYbmddsq6342jKo%2Bb6W3nDkNsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 691b050f8bdc05f5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 15 Sep 2022 08:46:15 GMT

GET
H3 200 ui.js Show response
ar-state.com/js/ 32 KB
11 KB 26ms
25ms Script
application/javascript 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/js/ui.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/ui.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3766942
cf-polished: origSize=33025
cf-cached-on: Fri, 30 Jul 2021 05:21:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 07 Aug 2021 22:00:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZa3taT3EEWufBpPpf3hx2TPnocVqqB3AzIkWuQ8E%2BQzje0Nzk4hTnj8sWyj8CUnY0Q2hD5J7U4bz5Id2nchE2gXYZvDua069FXHsrIc7hBULF%2BuW3nGxNSu%2BPHxZKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 691b050fde99c272-FRA
cf-bgj: minify

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/ 3 KB
2 KB 36ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyload/1.9.1/jquery.lazyload.min.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 396803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1120
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFirI%2FjN0zQum6Hdkgz5uFpPIZknVBPU%2BkMM2JMDphEy9stzk71wrTmUCX2seso9385IXAA1S%2F3JENvmoEA8r%2F6aqZUgZmtfYI55%2BDeQ3bbJnDATdPco3w0GGNFA%2BV99AHXi5DMSs5azkIWPlNk1IdnJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 691b050ff9ca4a92-FRA
expires: Sat, 10 Sep 2022 12:22:31 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 63ms
20ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617
age: 12978754
cdn-cachedat: 2021-04-23 07:45:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e11de8f0379d75f2db00967b88483f70
cf-ray: 691b05101aa54eb6-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 loc.js Show response
ar-state.com/js/ 100 KB
29 KB 27ms
25ms Script
application/javascript 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/js/loc.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f52156b6b6ed2413b975eda17f7056b676cb415555b24d1032f099cfc5c057d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/loc.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3514802
cf-polished: origSize=102788
cf-cached-on: Sat, 31 Jul 2021 17:09:40 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 10 Aug 2021 20:02:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sut50s9JRYu0%2FYLWkFLMBtqnaY7xzE%2BR9VKHokOSm24K6CRjUpDG73W8KrPENOskza0YFcG8aLdcETYsBO7mcFA1u2DMzi0jeu%2FPngbcXPPykTAfOu2yo2KXlSPLbLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=315360000
cf-ray: 691b050fde9fc272-FRA
cf-bgj: minify

GET
H2 200 news-siteswithcontent-subscribe.js Show response
cdn.siteswithcontent.com/js/push/ 245 B
960 B 89ms
27ms Script
application/javascript 2606:4700:3032::6815:4529
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siteswithcontent.com/js/push/news-siteswithcontent-subscribe.js
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4529 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71244774f573182024211e740b557d930bda762cb08ea79861f8b81e1b484338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1979
x-cached-since: 2021-08-20T11:19:01+00:00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: SVNA1QRXJNZQKSFH
x-amz-id-2: 0W+JQt4suiqp+pSJEsv3CgfYvPXoSjlzblsLUe6woMln9JlHSWGsa8MWlR0xgmOzfYM6t4xF1zg=
last-modified: Mon, 04 May 2020 12:18:12 GMT
server: cloudflare
etag: W/"e580ee4907b26673277b666ced16cd19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jz%2B28uKYSxicHUaYa8veas8NO12khu5DzCod5AeDx5ogbbpiELFu0%2ByffE7qDMJJcJxrCQQfnQ4AZpTBsNjI7vyDdK724O2WYGiSDm9iPDhDsl52avQXtbik0U98Nl%2Bwtnj8kWV6vH4deRDHYJBRzkKhZcNuM%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 691b0510381cc290-FRA

GET
H3 200 video.js Show response
ar-state.com/js/ 6 KB
3 KB 19ms
17ms Script
application/javascript 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ar-state.com/js/video.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /js/video.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242121
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 31 Aug 2019 19:17:17 GMT
server: cloudflare
etag: W/"5d6ac7bd-1651"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og8GBzd6RyiAfmI3lM5opujGvarjC52JNd7nrRLQlPPUfkNOAhQdqPzj5qG4vziMqmCbhjAJKcGsIBEvpc89BU7ggITt%2Bvc6BgcBWykn3Qo1iAnl18nhqXfqpYW%2BkAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=315360000
cf-ray: 691b050fdea0c272-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frlist.info.831766.js Show response
jsc.mgid.com/f/r/ 2 KB
1 KB 58ms
19ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/frlist.info.831766.js
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677e7710c9e6a088bbeb20a8616ec18b0189615f1d30912f21bb963351269086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 1747
last-modified: Wed, 08 Sep 2021 12:43:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 59JK263411DTSVVG
x-amz-id-2: ahYwkJdzhIy7tApj8kuQeA/jfDCUyyXodCmVl3J67M2qvYdPmLzYCPwXgCCsveCVn50Znjk+nnw=
cf-bgj: minify
server: cloudflare
etag: W/"813d47c1101c9774f8358056f3299165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 691b05101d800631-FRA
expires: Mon, 20 Sep 2021 15:22:31 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/hafbUjUodr4/ 22 KB
22 KB 94ms
66ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/hafbUjUodr4/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ee71a6ac7e6ef246a154e39e032248195d903fce384fe575fd805047458c9c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
x-content-type-options: nosniff
server: sffe
etag: "1552083455"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22047
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 14:22:31 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/_l4eLlF5Wv0/ 17 KB
17 KB 44ms
17ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_l4eLlF5Wv0/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

990c69b468cda306d4cb562b496935738cac581354d7838f3083c8cdbea07ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17537
x-xss-protection: 0
server: sffe
etag: "1531764101"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 14:22:31 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/ERApKPQkwb4/ 19 KB
19 KB 51ms
25ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ERApKPQkwb4/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae04e759390c53a5f64f1e797553d6c435a4fe002e0b399a4833ae0985879be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
x-content-type-options: nosniff
server: sffe
etag: "1631737512"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19037
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 14:22:31 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/_IDqxb3V7iE/ 16 KB
17 KB 35ms
8ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_IDqxb3V7iE/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28b0d0f374c065a4dae81dd0dd069a4ebe7a54b56ac5f4287b95ee93b5013e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:14:48 GMT
x-content-type-options: nosniff
age: 463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16466
x-xss-protection: 0
server: sffe
etag: "1631798093"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 14:14:48 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/K2hU2PlssqI/ 16 KB
16 KB 37ms
11ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/K2hU2PlssqI/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

726470436f84d20fe35958e06099f28911b7d4df7f540e4823ede01a63ec0dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:17:53 GMT
x-content-type-options: nosniff
age: 278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16218
x-xss-protection: 0
server: sffe
etag: "1632035916"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 12:22:53 GMT

GET
H3 200 c.gif
ar-state.com/img/ 43 B
756 B 16ms
16ms Image
image/gif 104.21.44.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ar-state.com/img/c.gif

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.44.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /img/c.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ar-state.com
referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8547386
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cached-on: Fri, 23 Apr 2021 22:45:31 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
cf-request-id: 0aa74ab9d90000e0ae7899f000000001
last-modified: Sun, 13 Jun 2021 14:06:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=d5s%2Fxnb4DVzPXz80dtS8gjfGZu2LbaVxEsPf4075nw3YKnkMPp6lVFQBHXM7e1yDRxnqQu%2F1jDkV9M4ORafWoOZocB2v2vumGdiCf5ZmUUDtODM6LEL3NZgw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 691b050fdea3c272-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 315ms
14ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=4.9.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.css?ver=4.9.7
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 2364843
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e7338a2bcbd226cf3fa573c5d03a712e
accept-ranges: bytes
cf-ray: 691b0511ce104eb6-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700|Lato:400,700|Work+Sans:900|Montserrat:400,700|Open+Sans:800|Playfair+Display:400,700,900|Quicksand|Raleway:200,400,700|Roboto+Slab:400,700|Work+Sans:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,400italic,500,600,700,700italic,800,900|Lato:100,200,300,400,400italic,500,600,700,700italic,800,900|Montserrat:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 547763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:13:08 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 41ms
14ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 428635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 13:18:36 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 106965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:39:46 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

433e11d06cb4daed2fe637e8b1ee574670a203b91aba875022de32249699909d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /eaF2e5HtmLBUi12kpXfFw==
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Sep 2021 12:35:23 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: QFHJmuk5oaQNe6ydu6xR2FpfpT2cRfTsvzbxYbSXAXX/SmAotJarkuVjiYs7MgTSKSxRhsYNGzgWmrd79lEUXQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 72ef9a37114cab83740ecdd81e9e996f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 20 Sep 2021 12:22:31 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2ae434ff98c3c8a70e83faca4d632553"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v11/ 46 KB
46 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v11/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:07:56 GMT
x-content-type-options: nosniff
age: 285275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47452
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:39:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 05:07:56 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 22:28:30 GMT
x-content-type-options: nosniff
age: 395641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 22:28:30 GMT

GET
H3 200 frlist.info.385488.js Show response
jsc.mgid.com/f/r/ Frame 1192 2 KB
1 KB 53ms
25ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/frlist.info.385488.js?t=202182012
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0347a3db95d6f5d12730923ed949ce6e1f58d151777b668e18c662fb1172dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 7089
last-modified: Wed, 08 Sep 2021 08:10:23 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 2A2FC6DB467WMD9Y
x-amz-id-2: WOXhZgLoG+AR/hGPLDZIIeemlvEzDRKjJR03lqTLHFN6X/opHMIKIwYedx6yK9gFJ9SeMHQPDZA=
cf-bgj: minify
server: cloudflare
etag: W/"e738593d7e56d8c56e9a562a51cd3eb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 691b05106bf7430f-FRA
expires: Mon, 20 Sep 2021 15:22:31 GMT

POST
H2 200 / Show response
m.uttclimber.com/ Frame DF35 97 KB
55 KB 179ms
44ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 07d33f7f85c431824e0aedf246db310297e46c71d2a059e956db705a58bb086b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
x-cache-date: Mon, 20 Sep 2021 12:21:43 GMT
x-cache: HIT
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: ar-state.com
URL: https://ar-state.com/js/video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Mon, 20 Sep 2021 12:22:31 GMT

GET
H3 200 frlist.info.831766.es6.js Show response
jsc.mgid.com/f/r/ 230 KB
65 KB 42ms
42ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/frlist.info.831766.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.831766.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb85e6c9339fd57ac2b70b6016d1e33cbc840b456c2c3cdf2e8aa1274ef5754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 1746
last-modified: Wed, 08 Sep 2021 12:43:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BN8ZM65S7C390KJM
x-amz-id-2: hKXgDDfH/+KJemhAqjTiHpZBbGPyLPojRQ8nXZZ0RTBtJpXr1W1mwaLbT8w7srq++hsrfYcGF/4=
cf-bgj: minify
server: cloudflare
etag: W/"6e635ffdc81c3310078247e7e3bd5149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 691b0510ed1c430f-FRA
expires: Mon, 20 Sep 2021 15:22:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 223 KB
66 KB 21ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=99eb908fa0537d22e36fe9862ab62dd9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62f849314da40bdf3e5b5da7f724060267d5426dfe02f06742883d23b7c8449f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Kmd83kr0N9VucSEBTry3Ng==
cross-origin-resource-policy: cross-origin
expires: Tue, 20 Sep 2022 10:37:14 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67000
x-fb-rlafr: 0
x-fb-debug: enZZb4MS/RTxHov7SPccBHn8sqev1VMdSBJfyb1y78myomDxdmRJYaSg/K/r6ADH1AS645RzP40J/KMJNbObAQ==
x-fb-trip-id: 686109401
x-fb-content-md5: e9c39a0cec75d241915ac44af9153922
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 20 Sep 2021 12:22:31 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d29a48b88acad79452fb115980ee32ab"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/5z4ktg-MnNo/ 13 KB
13 KB 310ms
9ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5z4ktg-MnNo/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8bdf0519dfc72837604481ee8f11ce3f382f5e9ef3b886d6f1bba4fecaeace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 11:26:23 GMT
x-content-type-options: nosniff
age: 3369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13291
x-xss-protection: 0
server: sffe
etag: "1630031917"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 13:26:23 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/d-7o9xYp7eE/ 5 KB
5 KB 309ms
8ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/d-7o9xYp7eE/mqdefault.jpg

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

929ab71386a66a9dd19de45ddbf0f4a25e757ae521cd898ba1722c27616044d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 11:09:07 GMT
x-content-type-options: nosniff
age: 4405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5241
x-xss-protection: 0
server: sffe
etag: "1363093034"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 13:09:07 GMT

GET
H2 200 subscribe.js Show response
cdn.siteswithcontent.com/js/push/ 4 KB
2 KB 316ms
15ms Script
application/javascript 2606:4700:3032::6815:4529
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.siteswithcontent.com/js/push/subscribe.js?t=1.2.6
Requested by: Host: cdn.siteswithcontent.com
URL: https://cdn.siteswithcontent.com/js/push/news-siteswithcontent-subscribe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4529 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1938
x-cached-since: 2021-08-13T14:36:37+00:00
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: B4ERXET9JA0S90P0
x-amz-id-2: WkWr58OtU9rybtZZMxleXBS8bzQxLYWz1XsemspASA9uax+M8IMuA/v/Xx/PxpigRvanb0mREJg=
last-modified: Mon, 04 May 2020 12:18:12 GMT
server: cloudflare
etag: W/"189f6ddd0a08dd184bfe6cd4082874bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cky6z4kVqUDTkbWQw%2FC5ZqGhEE83FADUcooWaVw1cakTAuCO7XIaJfbCxzVN9O9RcmKOz5TK1GZ1bYlVFuG9N2ta%2FcLbfLh53I1Ta7m1eXPNAqDUsjAf7mf%2BuZbPcfgZ6IIIQXAHnpbhwtz00tss596MYubfNNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cache: HIT
cf-ray: 691b0512cbfcc290-FRA

GET
H3 200 frlist.info.385488.es6.js Show response
jsc.mgid.com/f/r/ Frame 1192 229 KB
64 KB 54ms
54ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.js?t=202182012
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7331b660b9bcb60fa85162ac7797c92b77a9babe6077ba124fc73f97db36526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 6343
last-modified: Wed, 08 Sep 2021 08:10:23 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XX4MQKQSC019R1Q6
x-amz-id-2: PkxiGCeoTCU5tbX/ckMg4Fi04UlAblY/weNuDVlE46e6P4fX+UVF6kWi6wC3qpdJe2hCs/ibuSU=
cf-bgj: minify
server: cloudflare
etag: W/"92eed16ca377989cce4f763d4bf0d64d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 691b0510ed2c430f-FRA
expires: Mon, 20 Sep 2021 15:22:31 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/ 135 KB
44 KB 311ms
10ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 11:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 11:00:48 GMT

POST
H2 200 / Show response
m.uttclimber.com/ Frame 59D4 93 B
439 B 42ms
42ms XHR
text/plain 185.156.202.211
AMBER-AS ---CLIEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.uttclimber.com/
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.156.202.211 , Belize, ASN56388 (AMBER-AS ---CLIENTS---, BZ),
Reverse DNS
Software: openresty /
Resource Hash: 1576e64fcf23a50939a238dfee4ede2393e6a924a038b4a9192ed23908b49486

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 93

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 318ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 10:58:43 GMT
server: ESF
date: Mon, 20 Sep 2021 12:22:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 12:22:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 318ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 11:00:13 GMT
server: ESF
date: Mon, 20 Sep 2021 12:22:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 12:22:32 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
303 B 178ms
137ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&src_id=ar-state.com&cbuster=1632140552108120663662&uniqId=17d30&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&lu=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&sessionId=61487d08-1311c&pageView=1&pvid=17c032867ada178030a&site=441239&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.831766.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b0512fc2a0631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 81ms
21ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
age: 1246
cf-ray: 691b05133a404ed9-FRA
content-length: 2745
x-amz-id-2: zY++PgQGL2dBqzQgFkLcESWYtonZbngWjodaOB2RO9NnEUpHZajTf/olS/qnWdcupC29ECrhUAI=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 587E9DN9Q6QCV21T
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Sep 2021 16:22:32 GMT

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ Frame 1192 3 KB
3 KB 80ms
24ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
age: 1246
cf-ray: 691b05133a444ed9-FRA
content-length: 2745
x-amz-id-2: zY++PgQGL2dBqzQgFkLcESWYtonZbngWjodaOB2RO9NnEUpHZajTf/olS/qnWdcupC29ECrhUAI=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 587E9DN9Q6QCV21T
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Sep 2021 16:22:32 GMT

GET
H2 200 js-cookie-muidn Show response
c.mgid.com/ 65 B
258 B 146ms
145ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/js-cookie-muidn
Requested by: Host: cdn.siteswithcontent.com
URL: https://cdn.siteswithcontent.com/js/push/subscribe.js?t=1.2.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d7a5db57a24b83c5374b385913deceb7431ded5039c62b3778d3fd5be61c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2cbb3868-042f-4419-b2ea-cae7fc88219c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b0512fc2d0631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 frlist.info.831766.es6.js Show response
jsc.mgid.com/f/r/ Frame 59D4 230 KB
65 KB 47ms
47ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/r/frlist.info.831766.es6.js
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb85e6c9339fd57ac2b70b6016d1e33cbc840b456c2c3cdf2e8aa1274ef5754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: HIT
age: 1747
last-modified: Wed, 08 Sep 2021 12:43:53 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: BN8ZM65S7C390KJM
x-amz-id-2: hKXgDDfH/+KJemhAqjTiHpZBbGPyLPojRQ8nXZZ0RTBtJpXr1W1mwaLbT8w7srq++hsrfYcGF/4=
cf-bgj: minify
server: cloudflare
etag: W/"6e635ffdc81c3310078247e7e3bd5149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 691b05131af7430f-FRA
expires: Mon, 20 Sep 2021 15:22:32 GMT

GET
H2 200 dgDHx-Gfoxw Show response
www.youtube-nocookie.com/embed/ Frame B786 55 KB
24 KB 75ms
73ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a479a1b28bb5008efb442bdef76661a640a46c3be4cff68c64a44ea4b054e1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube-nocookie.com
:scheme: https
:path: /embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ar-state.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Sep 2021 12:22:32 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraF8kvpPgkkYf7NfrxN7y50wX-O9sdgO44AY1Q0Xw3I5lf8_mKJYJs"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+953; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
c.mgid.com/pv/ Frame 59D4 0
125 B 151ms
151ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&src_id=ar-state.com&cbuster=1632140552108120663662&uniqId=17d30&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&lu=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&sessionId=61487d08-1311c&pageView=1&pvid=17c032867ada178030a&site=441239&implVersion=11&dpr=1
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b05138d770631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 www-player-webp.css
www.youtube-nocookie.com/s/player/d7a19ed1/ Frame B786 329 KB
45 KB 314ms
12ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-player-webp.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46352
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:43:09 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame B786 201 KB
66 KB 319ms
18ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 16:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67291
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Sep 2022 16:31:29 GMT

GET
H2 200 base.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame B786 2 MB
505 KB 329ms
29ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:40:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516948
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:40:11 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame B786 8 KB
3 KB 328ms
27ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 10:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Sep 2022 10:07:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B786 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 530085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 09:07:47 GMT

GET
H2 200 1 Show response
servicer.mgid.com/831766/ 5 KB
2 KB 93ms
63ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/831766/1?pv=5&src_id=ar-state.com&cbuster=1632140552385729289999&uniqId=17d30&niet=4g&nisd=false&jsv=es6&w=1085&h=202&wrongImageSize=1&cols=3&ref=&cxurl=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&lu=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&sessionId=61487d08-1311c&pageView=1&pvid=17c032867ada178030a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.831766.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eca3be988ce294e34489ff74be4820d1d74a22fb67ad45f24687532599c246c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b05149f900631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/385488/ 2 KB
1 KB 81ms
57ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/385488/1?w=300&h=152&wrongImageSize=1&cols=1&pv=5&src_id=ar-state.com&cbuster=1632140552390254612687&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&lu=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&sessionId=61487d08-1311c&pageView=0&pvid=17c032867ada178030a&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea864f33f36a92165ed49249f2844f4599973aafed1652f3a596d8a704e2ddb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b05149f920631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ Frame 1192 3 KB
3 KB 19ms
19ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
age: 1246
cf-ray: 691b0514fe284ed9-FRA
content-length: 2745
x-amz-id-2: zY++PgQGL2dBqzQgFkLcESWYtonZbngWjodaOB2RO9NnEUpHZajTf/olS/qnWdcupC29ECrhUAI=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 587E9DN9Q6QCV21T
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Sep 2021 16:22:32 GMT

GET
H2 200 steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 3 KB
3 KB 16ms
16ms Image
image/png 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.831766.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
age: 1246
cf-ray: 691b05150e3a4ed9-FRA
content-length: 2745
x-amz-id-2: zY++PgQGL2dBqzQgFkLcESWYtonZbngWjodaOB2RO9NnEUpHZajTf/olS/qnWdcupC29ECrhUAI=
last-modified: Mon, 04 May 2020 12:16:55 GMT
server: cloudflare
etag: "7e16c555b09abddb8088e5bfca7a1cde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 587E9DN9Q6QCV21T
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/png
expires: Mon, 20 Sep 2021 16:22:32 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp
s-img.steepto.com/g/8164919/370x209/0x89x598x398/ 13 KB
13 KB 298ms
261ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164919/370x209/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1632140552-2F2ZTPufO-r_r9UtqU8OFJ0IEd8poxXLvoJF1nkW3nU
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a20513da7b356028234dd04edfe6aaceca4c2e3b242c9858ae5d4011962049

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:33:53 GMT
x-mg-request-uuid: a49daf56-bb72-4646-879c-9f39b6cbf313
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4142e7-FRA
content-length: 13078
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.steepto.com/g/8164890/370x209/0x0x900x600/ 6 KB
6 KB 56ms
19ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164890/370x209/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1632140552-LQx_BVFrWfEJgfl_mj6lcCeJMSVmlpXXd7jQTqOu8Eg
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53395926f571438977c98604cd01a4158461a0df47084d143753346ea480c2c9

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:08:32 GMT
x-mg-request-uuid: 26723817-efc2-4a8a-bd10-6161f2a680cc
age: 423972
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4342e7-FRA
content-length: 6140
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.steepto.com/g/8193526/370x209/0x26x798x532/ 10 KB
10 KB 288ms
259ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8193526/370x209/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1632140552-mTlbfMnR3xp97sZugQI0O4zkTxSLLC-TtV2haZXNxDI
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c60a4f204c8115c6abc0fdabf9b84d813e115e8c7b532f90ce3f8c5e864ecb

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:57:35 GMT
x-mg-request-uuid: 7dbcf8e3-947e-4903-8fea-cc73f835e8a2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4642e7-FRA
content-length: 10124
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.steepto.com/g/8193501/370x209/16x0x492x328/ 5 KB
6 KB 292ms
263ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8193501/370x209/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1632140552-530pq_U0KFYQaC_lKf6cIh15RZNWKPiiTJ6qxMcaF0I
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1b9810c258b26172a8cfa92883e7f01972e984d5cd6231c7223db7ca425046

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:54:39 GMT
x-mg-request-uuid: b97f5ca8-ab75-4924-9d68-36cd5344d7fe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4742e7-FRA
content-length: 5580
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.steepto.com/g/8164912/370x209/0x0x1081x720/ 8 KB
8 KB 289ms
260ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164912/370x209/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1632140552-AQpllsmuE3ezcQtzP5vyggXGlwWHITFx_pOoe-R3TXc
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57d5704c49588934dae3bdf08b7e24f679b5b6540222c4340f3e1338b290bd96

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:11:14 GMT
x-mg-request-uuid: 0adb36d4-db39-4e15-9e2c-d29ca8f8e11e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4542e7-FRA
content-length: 8266
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp
s-img.steepto.com/g/8193513/370x209/0x143x540x360/ 25 KB
25 KB 413ms
385ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8193513/370x209/0x143x540x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp?v=1632140552-B5XOPoSxlkwyimP9sgJCOvD_DJFcJHIaCAA7mX4uOMM
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef9618b93193b300a54ee20a84cb55a61a34828e62c19c728c0bc4f1f96eb5d

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:18:18 GMT
x-mg-request-uuid: 24bbdaa4-76a8-44c2-a574-8b1b7949e8e6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c4442e7-FRA
content-length: 25478
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp
s-img.steepto.com/g/8164916/370x209/150x0x1176x784/ 6 KB
6 KB 274ms
262ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164916/370x209/150x0x1176x784/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0LzMwZmQ1YjY4MjRkMzAwYTdmODkzZmYwM2MyZWRkMGFmLmpwZWc.webp?v=1632140552-7ZxSXmqi-TZijGf3bvOM0xZCQOfQjstRRqaMbpcwzPA
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9137e26eb239bb46619bf96eda0be32cd7a5e32f3570db68f1583027536b85

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:22:06 GMT
x-mg-request-uuid: c606255c-ae3f-4acb-9e34-12f0549cbfe2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c3c42e7-FRA
content-length: 5762
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.steepto.com/g/8193521/370x209/0x168x565x376/ 7 KB
7 KB 32ms
19ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8193521/370x209/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1632140552-z1XulGIIlYGExiZpdknMJERIBxEcX1FAbD39n8ruNnk
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf2ac69bacefd9ee4da68313966779ebfa97c246643f477cd3ae6fc349e82cbc

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:29:35 GMT
x-mg-request-uuid: 5dcde0a9-4e00-4980-995e-492b358be716
age: 274850
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b05154c3f42e7-FRA
content-length: 6750
server: cloudflare

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options: nosniff
age: 412376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 17:49:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options: nosniff
age: 548354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 04:03:18 GMT

GET
H2 200 i.js Show response
cm.steepto.com/ 130 B
273 B 162ms
136ms Script
application/javascript 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i.js?&cbuster=1632140552557521633209
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: 2e4f3914-0bcf-41d8-a477-705e24f7f8e7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 691b0515af8b4ed9-FRA
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.steepto.com/ Frame 06FF 19 B
108 B 273ms
265ms Script
application/javascript 104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.steepto.com/i-noref.js?cbuster=163214055257560404159
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: MISS
x-mg-request-uuid: e5a4a5f7-973a-43a0-badb-b75a442f7df3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 691b0515af8c4ed9-FRA
content-length: 19
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 75ms
23ms Script
application/javascript 13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 13:52:01 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 167431
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ctFh5DPVLXRHh_Kwx0EMpa5Jos_qOz5M5SYHxMqzUQ3Yz-iWB2r71A==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp
s-img.steepto.com/g/8164919/370x209/0x89x598x398/ Frame 1192 13 KB
13 KB 206ms
206ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164919/370x209/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1632140552-2F2ZTPufO-r_r9UtqU8OFJ0IEd8poxXLvoJF1nkW3nU
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a20513da7b356028234dd04edfe6aaceca4c2e3b242c9858ae5d4011962049

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:33:53 GMT
x-mg-request-uuid: a49daf56-bb72-4646-879c-9f39b6cbf313
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b0515ddb642e7-FRA
content-length: 13078
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.steepto.com/g/8164890/370x209/0x0x900x600/ Frame 1192 6 KB
6 KB 27ms
27ms Image
image/webp 104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/8164890/370x209/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1632140552-LQx_BVFrWfEJgfl_mj6lcCeJMSVmlpXXd7jQTqOu8Eg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/r/frlist.info.385488.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53395926f571438977c98604cd01a4158461a0df47084d143753346ea480c2c9

Request headers

Referer: https://ar-state.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:08:32 GMT
x-mg-request-uuid: 26723817-efc2-4a8a-bd10-6161f2a680cc
age: 423972
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 691b0515ddba42e7-FRA
content-length: 6140
server: cloudflare

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state....
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state...

64 B
330 B

10ms
10ms

Image
image/gif

13.225.78.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&c9=
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-28.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:32 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: FvqSrEj4uRMV2CFZWiemHjQ9qMQXxkxwUj_lDMvUWKLWVyMsYzw00w==

Redirect headers

date: Mon, 20 Sep 2021 12:22:32 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=120&ns__t=1632140552675&ns_c=UTF-8&cv=3.5&c8=How%20to%20Spot%20the%203%20Fake%20ID%20Types!%20Bouncer%20Tips%202019&c7=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&c9=
content-length: 263
x-amz-cf-id: fEQYfxD8xe_ful5SiLU5dwReaGCfCI6Fhdds1f3No4wXCowWPLQtdg==

GET
H2 200 GC1PfwOhCImT_zoi7oihu6FTBCosSrKGFvr6F_ELNkM.js Show response
www.google.com/js/th/ Frame B786 35 KB
14 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/GC1PfwOhCImT_zoi7oihu6FTBCosSrKGFvr6F_ELNkM.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182d4f7f03a1088993ff3a22ee88a1bba153042a2c4ab28616fafa17f10b3643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 08:23:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 359957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13274
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 08:23:15 GMT

GET
H2 200 embed.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame B786 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:43:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:43:10 GMT

POST
H2 200 player Show response
www.youtube-nocookie.com/youtubei/v1/ Frame B786 80 KB
20 KB 104ms
104ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1080f35feab026416eb03475f67e3f4878aefb3db7bddf577e7612aaf77d4ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtOc2xtenZTWElaNCiI-qGKBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20306
x-xss-protection: 0
expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
DATA 200
OK truncated
/ Frame B786 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTmxbPkEJfmAxh1Iq8_pjufWhD1AYnZIX5LHabn=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B786 2 KB
2 KB 50ms
26ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTmxbPkEJfmAxh1Iq8_pjufWhD1AYnZIX5LHabn=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d632fd688f2aa19e5851200acad26dd047bf4712714e190f90e05ebb7cc61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2041
x-xss-protection: 0
server: fife
etag: "v6e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Aug 2021 09:21:29 GMT

GET
DATA 200
OK truncated
/ Frame B786 351 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cee9c59ce028a4e5fcfd480496d0a1ae481b475a21412247dfa6486ee057bad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=029ee8aa-0f96-4dae-8e5b-36d0d910ba5f&ttl=1634732553

43 B
266 B

73ms
55ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=029ee8aa-0f96-4dae-8e5b-36d0d910ba5f&ttl=1634732553
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:33 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 56334de4-5215-4e6e-8fbe-066d7bc146ae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 691b051998d50631-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=029ee8aa-0f96-4dae-8e5b-36d0d910ba5f&ttl=1634732553
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 204 generate_204
www.youtube-nocookie.com/ Frame B786 0
39 B 7ms
6ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?d0fAUw
Requested by: Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 qoe
www.youtube-nocookie.com/api/stats/ Frame B786 0
131 B 19ms
19ms Ping
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=VhhI0461ZJEpLo5P&ei=CX1IYa8VmdfXAvq_t8AJ&el=embedded&docid=dgDHx-Gfoxw&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24084197%2C24096481%2C24101841%2C24102120&cl=397162147&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.166:B,0.166:B&cmt=0.007:0.000,0.166:0.000&ctmp=cc:t.158;useVodTrack&afs=0.165:251::i&vfs=0.166:244:244::r&view=0.166:1052:592&bwe=0.166:130000&bat=0.166:1:1&vis=0.166:0&bh=0.166:0.000

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:33 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 149 KB
150 KB 201ms
134ms XHR
video/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632162153&ei=CX1IYa8VmdfXAvq_t8AJ&ip=2a01%3A4f8%3A212%3A78e%3A30%3A%3A1&id=o-AJohkmvZoIyZ8hbLSkgvXHptefmpm2AoPJTuCnzZgWXP&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=N7&mm=31%2C26&mn=sn-4g5ednsl%2Csn-5hne6nsd&ms=au%2Conr&mv=m&mvi=1&pl=51&initcwndbps=425000&vprv=1&mime=video%2Fwebm&ns=RPUW8QxUezSNnXD7cWoMzAEG&gir=yes&clen=16301723&dur=389.100&lmt=1626412824509237&mt=1632140228&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=fQZUsM5XzICqYw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgeWsKG90nNPbfg3zrK-gzRfZairia6ChEGAxhDOapl3sCIGudRr9cbKu_TZgzSndy0ZWYvn3rUe1M7sZL0lgX_xyD&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALUV0ZT4D2cUQIJc2Tb8XFz3trvR-ILJA5Q_Oh0hidNaAiBmhnbxe3UKcIBqf4b0DLrBRfi1nXTYYu_kepSEWsfoqg%3D%3D&alr=yes&cpn=VhhI0461ZJEpLo5P&cver=1.20210915.1.2&range=0-152820&rn=1&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d5854b678660fd1bc2cc87ab41db74cd459c6b0e81e147ac5fed75891bcc25de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:33 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 152821
Last-Modified: Fri, 16 Jul 2021 05:20:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 65 KB
66 KB 96ms
30ms XHR
audio/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632162153&ei=CX1IYa8VmdfXAvq_t8AJ&ip=2a01%3A4f8%3A212%3A78e%3A30%3A%3A1&id=o-AJohkmvZoIyZ8hbLSkgvXHptefmpm2AoPJTuCnzZgWXP&itag=251&source=youtube&requiressl=yes&mh=N7&mm=31%2C26&mn=sn-4g5ednsl%2Csn-5hne6nsd&ms=au%2Conr&mv=m&mvi=1&pl=51&initcwndbps=425000&vprv=1&mime=audio%2Fwebm&ns=RPUW8QxUezSNnXD7cWoMzAEG&gir=yes&clen=6398543&dur=389.141&lmt=1626409067874616&mt=1632140228&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=fQZUsM5XzICqYw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUO0-9fDyui0DcqGY2E3Ubyn8Nd_Kc4vi1dk6GDF8BC0CIExoc244wt7BJw0fCn1FxNmh-BOJurb2xQ2hZkFfQEPf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALUV0ZT4D2cUQIJc2Tb8XFz3trvR-ILJA5Q_Oh0hidNaAiBmhnbxe3UKcIBqf4b0DLrBRfi1nXTYYu_kepSEWsfoqg%3D%3D&alr=yes&cpn=VhhI0461ZJEpLo5P&cver=1.20210915.1.2&range=0-66461&rn=2&rbuf=0

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1544fe88c9ff2072e0238a518d2abdf218c1988f25caa56b67faf516b35fde68

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:33 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66462
Last-Modified: Fri, 16 Jul 2021 04:17:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H2 200 remote.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame B786 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 259344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29920
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 12:20:09 GMT

GET
H2 200 captions.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame B786 63 KB
24 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 01:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 299728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24378
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 01:07:05 GMT

GET
H2 200 endscreen.js Show response
www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame B786 26 KB
7 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 00:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Sep 2022 00:06:23 GMT

POST
H2 200 next Show response
www.youtube-nocookie.com/youtubei/v1/ Frame B786 66 KB
5 KB 403ms
402ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8639d26110978ee093607c8c9d2a0f34692035e4189c2f54388cebb9a6be451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtOc2xtenZTWElaNCiI-qGKBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4691
x-xss-protection: 0
expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/dgDHx-Gfoxw/ Frame B786 34 KB
35 KB 20ms
20ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/dgDHx-Gfoxw/sddefault.webp

Requested by

Host: ar-state.com
URL: https://ar-state.com/v/lJipftyRe8uirNo/how-to.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e890a75152321f67d0d075759a700e62f4ae1485413523b56a1b6aafbd1fbd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
vary: Origin
server: sffe
x-content-type-options: nosniff
age: 0
etag: "1554348653"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35192
x-xss-protection: 0
expires: Mon, 20 Sep 2021 14:22:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B786 4 KB
3 KB 53ms
31ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 12:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame B786 52 KB
15 KB 308ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 11:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15359
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:09:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 21 Sep 2021 11:29:26 GMT

GET
H2 200 comments.php
www.facebook.com/v3.2/plugins/ Frame 0895 0
0 43ms
27ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a37271f0eec%26domain%3Dar-state.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Far-state.com%252Ff2ce811d6012948%26relation%3Dparent.parent&color_scheme=light&container_width=1021&height=100&href=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=99eb908fa0537d22e36fe9862ab62dd9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28a37271f0eec%26domain%3Dar-state.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Far-state.com%252Ff2ce811d6012948%26relation%3Dparent.parent&color_scheme=light&container_width=1021&height=100&href=https%3A%2F%2Far-state.com%2Fv%2FlJipftyRe8uirNo%2Fhow-to.html&locale=de_DE&numposts=20&order_by=reverse_time&sdk=joey&version=v3.2&width=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ar-state.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: fG2IZQr93bLQIWHU+LUHu613z0Rhw8mOUCBGDBu26TVboJ5VIdZA8DA61t4A6XybBs5ytxoQWBvO/+avxVoisw==
content-length: 0
date: Mon, 20 Sep 2021 12:22:33 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ar-state.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:08 GMT
x-content-type-options: nosniff
age: 259405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 12:19:08 GMT

GET
H2 200 push-event-counter
c.siteswithcontent.com/ 43 B
481 B 406ms
127ms Image
image/gif 64.58.116.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.siteswithcontent.com/push-event-counter?permission=default&domain=ar-state.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.58.116.142 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:33 GMT
x-mg-request-uuid: 02a5b574-9986-49aa-9518-fd90f98d1bf3
access-control-allow-methods: POST, OPTIONS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://ar-state.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: *
server: nginx

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 106 KB
107 KB 316ms
14ms XHR
video/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

41accf87da67573f910faf2d3f2aadca3aca13c6ab3f244ca7ac13ff6545a40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:33 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 108478
Last-Modified: Fri, 16 Jul 2021 05:20:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 70 KB
71 KB 128ms
127ms XHR
audio/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632162153&ei=CX1IYa8VmdfXAvq_t8AJ&ip=2a01%3A4f8%3A212%3A78e%3A30%3A%3A1&id=o-AJohkmvZoIyZ8hbLSkgvXHptefmpm2AoPJTuCnzZgWXP&itag=251&source=youtube&requiressl=yes&mh=N7&mm=31%2C26&mn=sn-4g5ednsl%2Csn-5hne6nsd&ms=au%2Conr&mv=m&mvi=1&pl=51&initcwndbps=425000&vprv=1&mime=audio%2Fwebm&ns=RPUW8QxUezSNnXD7cWoMzAEG&gir=yes&clen=6398543&dur=389.141&lmt=1626409067874616&mt=1632140228&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=fQZUsM5XzICqYw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUO0-9fDyui0DcqGY2E3Ubyn8Nd_Kc4vi1dk6GDF8BC0CIExoc244wt7BJw0fCn1FxNmh-BOJurb2xQ2hZkFfQEPf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALUV0ZT4D2cUQIJc2Tb8XFz3trvR-ILJA5Q_Oh0hidNaAiBmhnbxe3UKcIBqf4b0DLrBRfi1nXTYYu_kepSEWsfoqg%3D%3D&alr=yes&cpn=VhhI0461ZJEpLo5P&cver=1.20210915.1.2&range=66462-137959&rn=4&rbuf=4139

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dabce1fc11fedcb4fe912e7082b4222fdafe7781c99aaa29f6687701e62df84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:33 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 71498
Last-Modified: Fri, 16 Jul 2021 04:17:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 286 KB
287 KB 112ms
112ms XHR
video/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d2b26fd409169389aac266c6ba5c11f9022ddaddbcf1b3a55e6dc77a3223b257

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:33 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 292717
Last-Modified: Fri, 16 Jul 2021 05:20:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Mon, 20 Sep 2021 12:22:33 GMT

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 146 KB
147 KB 94ms
94ms XHR
audio/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632162153&ei=CX1IYa8VmdfXAvq_t8AJ&ip=2a01%3A4f8%3A212%3A78e%3A30%3A%3A1&id=o-AJohkmvZoIyZ8hbLSkgvXHptefmpm2AoPJTuCnzZgWXP&itag=251&source=youtube&requiressl=yes&mh=N7&mm=31%2C26&mn=sn-4g5ednsl%2Csn-5hne6nsd&ms=au%2Conr&mv=m&mvi=1&pl=51&initcwndbps=425000&vprv=1&mime=audio%2Fwebm&ns=RPUW8QxUezSNnXD7cWoMzAEG&gir=yes&clen=6398543&dur=389.141&lmt=1626409067874616&mt=1632140228&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311222&n=fQZUsM5XzICqYw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgUO0-9fDyui0DcqGY2E3Ubyn8Nd_Kc4vi1dk6GDF8BC0CIExoc244wt7BJw0fCn1FxNmh-BOJurb2xQ2hZkFfQEPf&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhALUV0ZT4D2cUQIJc2Tb8XFz3trvR-ILJA5Q_Oh0hidNaAiBmhnbxe3UKcIBqf4b0DLrBRfi1nXTYYu_kepSEWsfoqg%3D%3D&alr=yes&cpn=VhhI0461ZJEpLo5P&cver=1.20210915.1.2&range=137960-287460&rn=6&rbuf=8654

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5aa6455859ae820ef35700d9d7e359171c0b768b115beb85fd22da4fd21f6a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:34 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 149501
Last-Modified: Fri, 16 Jul 2021 04:17:47 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
Expires: Mon, 20 Sep 2021 12:22:34 GMT

GET
H3 200 c
c.mgid.com/ Frame 1192 43 B
441 B 131ms
129ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=297|193|24|M8MvsEuSI6dr2Rb_tDxjR_9Io9zaYF9XWtWT6M2OLM5mG_Qk7vmWGRE87WVmSQFM&fw=1&extjs=66044&v=297|210|24|M8MvsEuSI6dr2Rb_tDxjRzQnnfjFvL4KSglTK2yioZFl9b2xZE7opk5cOuGiWFYK&cid=385488&h2=7ywtgWpG2GP42-PUHWDmXN1ucunlNoedV2F5ygVOwuQ*&rid=6e062d50-1a0d-11ec-800b-2cea7f875b01&tt=Direct&psid=ar-state.com&iv=10&pageImp=1&pvid=17c032867ada178030a&muid=l8kwzpzNvzm5&cbuster=1632140554055774582303&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:34 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 04c86b50-edcf-4410-ba79-eb9fa24fdaeb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b051edef6430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.mgid.com/ 43 B
441 B 142ms
142ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=351|275|40|j9QuvQ6iMfoVk07LorTFzW5BaIvmjNm_KB6MgtEnKR0XKRaaxrwyUrcN3EwpezGF&fw=1&extjs=66044&v=351|275|8|j9QuvQ6iMfoVk07LorTFzYSKvM-SWF82gfpuDJ1ul3i4dSaEovo1G0-xIQx2MfMd&v=351|275|8|j9QuvQ6iMfoVk07LorTFzb290U4I-6D7DJfK52dwu96Gtq5QEbtCQtVxCL2EU8Ac&cid=831766&h2=7ywtgWpG2GP42-PUHWDmXN1ucunlNoedV2F5ygVOwuQ*&rid=6e0743ec-1a0d-11ec-ad96-d094662c24f7&tt=Direct&psid=ar-state.com&iv=11&pageImp=0&pvid=17c032867ada178030a&muid=l8kwzpzNvzm5&cbuster=1632140554057892776892&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ar-state.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 12:22:34 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4b12b205-37c3-43d6-aaa4-742a3ce1e404
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 691b051edef7430f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H/1.1 200
OK videoplayback Show response
r1---sn-4g5ednsl.googlevideo.com/ Frame B786 677 KB
678 KB 108ms
108ms XHR
video/webm 2a00:1450:4001:6a::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3cc50a5c1c84c10e91609289d1a1d7883a38f154a3305679ef44caf12f99208e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 12:22:34 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 692810
Last-Modified: Fri, 16 Jul 2021 05:20:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube-nocookie.com
X-Content-Type-Options: nosniff
Expires: Mon, 20 Sep 2021 12:22:34 GMT

POST
H2 200 log_event Show response
www.youtube-nocookie.com/youtubei/v1/ Frame B786 28 B
229 B 20ms
20ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/dgDHx-Gfoxw?enablejsapi=1&modestbranding=0&iv_load_policy=3&playsinline=1&autoplay=1&rel=0&color=white&theme=dark&showinfo=0&autohide=1&html5=1&origin=https%3A%2F%2Far-state.com&widgetid=1
X-YouTube-Client-Version: 1.20210915.1.2
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtOc2xtenZTWElaNCiI-qGKBg%3D%3D
X-YouTube-Ad-Signals: dt=1632140552655&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1052%2C592&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 20 Sep 2021 12:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 20 Sep 2021 12:22:35 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-19 21:22:22	Name: __cf_bm Value: jazhs1be5z0AAOgHUQ0NqX7zLV240eYd5ID.O5NQ8iA-1632140551-0-AeIz8p/eWAAEMPxJK63q6XT7mxb3bCg1UxM1+d3XP0sFEaKVgjLfxgFG2ct3wdqOeyh+aY4smUl2kvbkeRoGRDA=
ar-state.com/	1970-01-20 21:22:20	Name: watched Value: %5B%22dgDHx-Gfoxw%22%5D
ar-state.com/	1970-01-20 21:22:20	Name: wn Value: dgDHx-Gfoxw
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6Wt3WH36_Gs
.youtube.com/	1970-01-20 01:41:32	Name: VISITOR_INFO1_LIVE Value: N27kdxUem_Q
ar-state.com/	1970-01-25 07:39:25	Name: szm_log_id68 Value: nuW89/q8pLyq+6b9qqyn+K+nrf+q+Kv/vOPu
ar-state.com/	1970-01-31 11:09:00	Name: muidn Value: l8kwzpzNvzm5
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8kwjQ7qE1m5
servicer.mgid.com/	1970-01-19 21:22:21	Name: __mglb Value: 2b804be0d04e992ad0d5ca78c8f32d46
ar-state.com/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C831766%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632140552493%7D%2C%22C385488%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632140552485%7D%7D
.scorecardresearch.com/	1970-01-20 14:39:08	Name: UID Value: 1FEQYFXD8XEFUL5SILU5DWg1632140553
.adsrvr.org/	1970-01-20 06:07:56	Name: TDID Value: 029ee8aa-0f96-4dae-8e5b-36d0d910ba5f
.adsrvr.org/	1970-01-20 06:07:56	Name: TDCPM Value: CAEYBSABKAIyCwiM4bvcgY_-ORAFOAE.
cm.mgid.com/	1970-01-19 22:05:32	Name: mg_sync Value: {"371158":1632140553}
c.siteswithcontent.com/	1970-01-25 20:31:23	Name: muidn Value: l8kxta6gv_m5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ar-state.com
c.mgid.com
c.siteswithcontent.com
cdn.siteswithcontent.com
cdn.steepto.com
cdnjs.cloudflare.com
cm.mgid.com
cm.steepto.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.ytimg.com
jsc.mgid.com
m.uttclimber.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
netdna.bootstrapcdn.com
r1---sn-4g5ednsl.googlevideo.com
s-img.steepto.com
sb.scorecardresearch.com
servicer.mgid.com
www.facebook.com
www.google.com
www.gstatic.com
www.youtube-nocookie.com
www.youtube.com
yt3.ggpht.com
104.19.135.78
104.19.135.80
104.19.139.80
104.21.44.254
13.225.78.28
13.248.242.197
185.156.202.211
2606:4700:3032::6815:4529
2606:4700::6810:125e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:6a::6
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2016
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::200a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
64.58.116.142
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
07d33f7f85c431824e0aedf246db310297e46c71d2a059e956db705a58bb086b
0ae04e759390c53a5f64f1e797553d6c435a4fe002e0b399a4833ae0985879be
0c8bdf0519dfc72837604481ee8f11ce3f382f5e9ef3b886d6f1bba4fecaeace
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1045f21eee60c3c0d34e2d24263b806fa7f0c0ebe90e9ac9280bfc9fe4e1d059
1544fe88c9ff2072e0238a518d2abdf218c1988f25caa56b67faf516b35fde68
1576e64fcf23a50939a238dfee4ede2393e6a924a038b4a9192ed23908b49486
15f82c1390578d6d20727a3bb7191dc62d07b221005c34f191eddae4cfe0e21b
16de1d7645521d4b2909a9590e266c6a19dd4992b357f984d05b8e0683245bae
17c60a4f204c8115c6abc0fdabf9b84d813e115e8c7b532f90ce3f8c5e864ecb
182d4f7f03a1088993ff3a22ee88a1bba153042a2c4ab28616fafa17f10b3643
28b0d0f374c065a4dae81dd0dd069a4ebe7a54b56ac5f4287b95ee93b5013e9b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2f52156b6b6ed2413b975eda17f7056b676cb415555b24d1032f099cfc5c057d
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
34e55059b2641fbeb1905a7cfd7b69c3970670b962f45a1a12f3047591a49fbb
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3cc50a5c1c84c10e91609289d1a1d7883a38f154a3305679ef44caf12f99208e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
41accf87da67573f910faf2d3f2aadca3aca13c6ab3f244ca7ac13ff6545a40f
433e11d06cb4daed2fe637e8b1ee574670a203b91aba875022de32249699909d
4c95d706475a153fe4bc12a4aae383e5bf845cba076d95d76f413f51424802ee
4ee71a6ac7e6ef246a154e39e032248195d903fce384fe575fd805047458c9c7
53395926f571438977c98604cd01a4158461a0df47084d143753346ea480c2c9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
57d5704c49588934dae3bdf08b7e24f679b5b6540222c4340f3e1338b290bd96
5aa6455859ae820ef35700d9d7e359171c0b768b115beb85fd22da4fd21f6a49
62761d0cd40a9eeecb3d39dd4f289e55f1edf39e056b76431843fb640963ddcd
62f849314da40bdf3e5b5da7f724060267d5426dfe02f06742883d23b7c8449f
677e7710c9e6a088bbeb20a8616ec18b0189615f1d30912f21bb963351269086
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7099a2273add53eb39c829e4f35d6847aa949fc597badfdef4cf00602cc01f2c
70b36f21287eb023a9da87936acd63e1ad0750781e2539b15247c2c4a6ddea5e
71244774f573182024211e740b557d930bda762cb08ea79861f8b81e1b484338
726470436f84d20fe35958e06099f28911b7d4df7f540e4823ede01a63ec0dca
7d632fd688f2aa19e5851200acad26dd047bf4712714e190f90e05ebb7cc61a4
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9040a139631211e17470f010dbf75c22df174e015f73164cd7ccce019a132a1b
929ab71386a66a9dd19de45ddbf0f4a25e757ae521cd898ba1722c27616044d9
990c69b468cda306d4cb562b496935738cac581354d7838f3083c8cdbea07ce5
9ef9618b93193b300a54ee20a84cb55a61a34828e62c19c728c0bc4f1f96eb5d
a0347a3db95d6f5d12730923ed949ce6e1f58d151777b668e18c662fb1172dcd
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a479a1b28bb5008efb442bdef76661a640a46c3be4cff68c64a44ea4b054e1a7
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b2d7a5db57a24b83c5374b385913deceb7431ded5039c62b3778d3fd5be61c16
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb85e6c9339fd57ac2b70b6016d1e33cbc840b456c2c3cdf2e8aa1274ef5754d
c1080f35feab026416eb03475f67e3f4878aefb3db7bddf577e7612aaf77d4ac
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cee9c59ce028a4e5fcfd480496d0a1ae481b475a21412247dfa6486ee057bad3
cf2ac69bacefd9ee4da68313966779ebfa97c246643f477cd3ae6fc349e82cbc
d2b26fd409169389aac266c6ba5c11f9022ddaddbcf1b3a55e6dc77a3223b257
d5854b678660fd1bc2cc87ab41db74cd459c6b0e81e147ac5fed75891bcc25de
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8639d26110978ee093607c8c9d2a0f34692035e4189c2f54388cebb9a6be451
dabce1fc11fedcb4fe912e7082b4222fdafe7781c99aaa29f6687701e62df84e
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e120c901fa79ebc3ba0290c9b2b4dfbb3b906f99295e78fe56abc4999ccf3191
e3a20513da7b356028234dd04edfe6aaceca4c2e3b242c9858ae5d4011962049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e890a75152321f67d0d075759a700e62f4ae1485413523b56a1b6aafbd1fbd0d
ea864f33f36a92165ed49249f2844f4599973aafed1652f3a596d8a704e2ddb3
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
eca3be988ce294e34489ff74be4820d1d74a22fb67ad45f24687532599c246c0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee9137e26eb239bb46619bf96eda0be32cd7a5e32f3570db68f1583027536b85
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f7331b660b9bcb60fa85162ac7797c92b77a9babe6077ba124fc73f97db36526
f842bac894347b588d99240059fcecfc38ef23f43b22f99ad1fbcf4332ca9056
fa1b9810c258b26172a8cfa92883e7f01972e984d5cd6231c7223db7ca425046

ar-state.com Open in urlscan Pro 104.21.44.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

65 %IPv6

19 Domains

28 Subdomains

23 IPs

4 Countries

3310 kBTransfer

6554 kBSize

15 Cookies

10 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ar-state.com Open in urlscan Pro
104.21.44.254 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

28
Subdomains

23
IPs

4
Countries

3310 kB
Transfer

6554 kB
Size

15
Cookies

98 HTTP transactions
2 data transactions