urlscan.io logo urlscan.io
SecurityTrails logo

ronny-simon-milb.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2ee0  Public Scan

Go To Rescan Add Verdict Report
URL: https://ronny-simon-milb.pages.dev/
Submission Tags: @ecarlesi threat malware x332 Search All
Submission: On January 12 via api from IT — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2606:4700:310c::ac42:2ee0, located in and belongs to CLOUDFLARENET, US. The main domain is ronny-simon-milb.pages.dev.
TLS certificate: Issued by WE1 on November 14th 2025. Valid for: 3 months.
This is the only time ronny-simon-milb.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:310c::ac42:2ee0 (None, )

ASN13335 (CLOUDFLARENET, US)
ronny-simon-milb.pages.dev
1    2606:4700:3033::6815:15a7 (None, )

ASN13335 (CLOUDFLARENET, US)
mtevor.com
1    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tse1.mm.bing.net
4    2606:4700:310c::ac42:2c87 (None, )

ASN13335 (CLOUDFLARENET, US)
adxpy.pages.dev
7    2607:f8b0:4004:c0b::5b (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    172.240.108.76 (United States)

ASN7979 (SERVERS-COM, US)
walletblossomendanger.com
2    2607:f8b0:4004:c08::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c1b::94 (Washington, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2607:f8b0:4004:c27::77 (Washington, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4004:c21::84 (Washington, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2607:f8b0:4004:c0b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4004:c07::67 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
Apex Domain
Subdomains		 Transfer
8 pages.dev
ronny-simon-milb.pages.dev
adxpy.pages.dev
25 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90 Failed
930 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
static.doubleclick.net — Cisco Umbrella Rank: 269
664 B
3 walletblossomendanger.com
walletblossomendanger.com
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
55 KB
2 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 301
311 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
22 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 294
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
48 KB
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 2698
21 KB
1 mtevor.com
mtevor.com
3 KB
31 11
Domain Requested by
7 www.youtube.com ronny-simon-milb.pages.dev
mtevor.com
www.youtube.com
4 adxpy.pages.dev mtevor.com
ronny-simon-milb.pages.dev
adxpy.pages.dev
4 ronny-simon-milb.pages.dev ronny-simon-milb.pages.dev
3 walletblossomendanger.com adxpy.pages.dev
2 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 www.google.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 tse1.mm.bing.net ronny-simon-milb.pages.dev
1 mtevor.com ronny-simon-milb.pages.dev
31 14
Subject Issuer Validity Valid
ronny-simon-milb.pages.dev
WE1		 2025-11-14 -
2026-02-12		 3 months crt.sh
mtevor.com
WE1		 2025-11-29 -
2026-02-27		 3 months crt.sh
*.mm.bing.net
Microsoft Azure RSA TLS Issuing CA 07		 2025-10-19 -
2026-04-17		 6 months crt.sh
adxpy.pages.dev
WE1		 2025-12-07 -
2026-03-07		 3 months crt.sh
*.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.gstatic.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
walletblossomendanger.com
R13		 2025-12-10 -
2026-03-10		 3 months crt.sh
*.doubleclick.net
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
edgestatic.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh
upload.video.google.com
WR2		 2025-12-03 -
2026-02-25		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://ronny-simon-milb.pages.dev/
Frame ID: 39C5A457281188D9083AA54874B0EBEE
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Frame ID: D5B16C82AE3EF29DE30F5EF8083F9E0E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Frame ID: 82D925B729ABC244E7CAA5A68C7E0BB1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ronny Simon MiLB: The Rise & Future Star Potential | Ronny Simon Milb

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

31
Requests

94 %
HTTPS

93 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

1109 kB
Transfer

4003 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ronny-simon-milb.pages.dev/ 		29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ronny-simon-milb.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee0 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ddaee5a6e09111dc2511e19dfcf14acd0b74cbab1cef4422d90a54b9eefbc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
9bcf08a28baa8c89-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Jan 2026 19:24:22 GMT
etag
W/"94f549cb643962e428041fa0f8f54caf"
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=37p%2BRznZDUTkSYxvyNqtjMad6qrRJCGfeKi0yE6FjuWOeZ2dpb%2BSUwuWd%2BO8MnjIS3nNpoJzByZiEjI4vVw7%2Fr1EkRYurGwoOZ1dtYuDvyFM29MrURz8bgcJyGIKaiCs%2FSeqHNTQ"}]}
server
cloudflare
server-timing
cfExtPri
vary
accept-encoding
x-content-type-options
nosniff
stylesheet.a482bf00fa5c046040ef7973ad5fdf5657890cacb596c93f1382f664ca542074.css
ronny-simon-milb.pages.dev/assets/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ronny-simon-milb.pages.dev/assets/css/stylesheet.a482bf00fa5c046040ef7973ad5fdf5657890cacb596c93f1382f664ca542074.css
Requested by
Host: ronny-simon-milb.pages.dev
URL: https://ronny-simon-milb.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee0 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a482bf00fa5c046040ef7973ad5fdf5657890cacb596c93f1382f664ca542074
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://ronny-simon-milb.pages.dev
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"53e05fd175c1632d3f6826cdf1c8006d"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AU495IpYTo7RDZt%2BBj9y%2B0ECa4e40gqLzZ5T7P6Cl6qbAvYCjrAUmbYSGrHe%2BXLvlLd23Ygzb%2Fi8E%2BkdmEhOALuvlGiQ5ee%2F%2BAOvdxYnFPZP995%2F3o6KaWUqSip8uHf459UP6eAB"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:22 GMT
content-type
text/css; charset=utf-8
vary
accept-encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08a32c428c89-EWR
access-control-allow-origin
*
server
cloudflare
pages-dev.js
mtevor.com/hg/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mtevor.com/hg/pages-dev.js
Requested by
Host: ronny-simon-milb.pages.dev
URL: https://ronny-simon-milb.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:15a7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ac7a1de2c648120d1715dc383b9c0c4ade765039bd7668551d07bdaea6cc0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
589015
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wmoCx7gZUjQ5s7Sfxuopvy0ZZ5ftChj1C5CWFv1Ix4DXxgMv1aiQ7ikdBWDBV%2FWEUKPc%2B1gvNsMIRPLBkLWLksu3fOATf4%2BkOCnpDUXXlV0NTFp2hkw%3D"}]}
cf-ray
9bcf08a3bd505ed0-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
application/javascript
last-modified
Mon, 05 Jan 2026 23:47:27 GMT
server
cloudflare
priority
u=1,i=?0
vary
accept-encoding
th
tse1.mm.bing.net/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tse1.mm.bing.net/th?q=ronny%20simon%20milb&w=720&h=405&c=5&rs=1&p=0
Requested by
Host: ronny-simon-milb.pages.dev
URL: https://ronny-simon-milb.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
bcdee3821499881f27062f5feb6c24de1a08ab7b067a68b93c3e0ef4bb095e5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

cache-control
public, max-age=5184000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 29A97CDA9E23486582AE815AAB0EAA11 Ref B: PHL30EDGE0122 Ref C: 2026-01-12T19:24:23Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-length
21080
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
image/jpeg
x-powered-by
ASP.NET
access-control-allow-headers
*
adx-mainstream.json
adxpy.pages.dev/ 		1 KB
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adxpy.pages.dev/adx-mainstream.json
Requested by
Host: mtevor.com
URL: https://mtevor.com/hg/pages-dev.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e271f9647224dc6604cf3842071d13541c70c9f0747790104c024a52865bcb85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"6abedca1fb1f51c6f871f08ca6c2d5ed"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oBOLVGqXgd1JEdZALZ9VpoGyYKjRtBJviJNkk6xIm5KYT8Z8UOzYDVlmIxwZSxEM%2BwhVtZtVAdEWOwATz%2BY8vnvtv1sk2sq%2Bx%2FpABjj3b%2FLGh6wc0fHqwPjXYg%3D%3D"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
application/json
vary
accept-encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08a48cb16c9b-EWR
access-control-allow-origin
*
server
cloudflare
Lb4Safok7_U
www.youtube.com/embed/ Frame D5B1 		0
0
Lb4Safok7_U
www.youtube.com/embed/ Frame 82D9 		118 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Requested by
Host: mtevor.com
URL: https://mtevor.com/hg/pages-dev.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
319a003907917726592e76ad6319a1b3a93d456a464b78e5f0e8fea2242875e8
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri https://csp.withgoogle.com/csp/youtube_main/allowlist require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ronny-simon-milb.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
script-src 'unsafe-eval' 'self' 'unsafe-inline' https://www.google.com https://apis.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.googletagmanager.com https://www.google-analytics.com https://*.youtube.com https://*.google.com https://*.gstatic.com https://youtube.com https://www.youtube.com https://google.com https://*.doubleclick.net https://*.googleapis.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.youtubekids.com https://www.youtube-nocookie.com https://www.youtubeeducation.com https://www-onepick-opensocial.googleusercontent.com;report-uri https://csp.withgoogle.com/csp/youtube_main/allowlist require-trusted-types-for 'script'
content-security-policy-report-only
report-uri https://csp.withgoogle.com/csp/youtube_main/strict;base-uri 'self';object-src 'none';script-src 'report-sample' 'nonce-RPlfUC0yHDyU6r5OCqcpXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Jan 2026 19:24:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 AiDEBptUfVeO93q48VdVMe/ubupazdAl8AaHP+NBzdnW8quUcHdzJUyGSfrmtpKJu7EOvwRp9ug2rEo3XU+WMAMAAAB2eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJEZXZpY2VCb3VuZFNlc3Npb25DcmVkZW50aWFsczIiLCJleHBpcnkiOjE3NzQzMTA0MDAsImlzU3ViZG9tYWluIjp0cnVlfQ== ApTXX1w2dkJZuuxlV9csQYg+9ZVXekg+mOu8mS9vb7/V2oeMLKqGC8blgR6ech+eqbhGAgLKPthyai7z89MdTAgAAACLeyJvcmlnaW4iOiJodHRwczovL3d3dy55b3V0dWJlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRG9jdW1lbnRQb2xpY3lJbmNsdWRlSlNDYWxsU3RhY2tzSW5DcmFzaFJlcG9ydHMiLCJleHBpcnkiOjE3NDk1MTM2MDAsImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
magic.js
adxpy.pages.dev/ 		671 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adxpy.pages.dev/magic.js
Requested by
Host: mtevor.com
URL: https://mtevor.com/hg/pages-dev.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26277e44f2fe29283a55a632166f8a45dd1407a0970c13e08287406f94a0772
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"c49d59185af245830cb91e4818c56238"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mJJL0VA2qkuanGhMqOODeuFS1%2FKoL5lLZSNplIe2tZC5BrMW4QjoUdvXKF7ASVES3ranGLXiCwcysZnud9NIst7hbZ3IZzaORywfE13iObZuiVQPShRxQgxPZg%3D%3D"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
application/javascript
vary
accept-encoding
priority
u=3,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08a548539e04-EWR
access-control-allow-origin
*
server
cloudflare
arrow-up.gif
adxpy.pages.dev/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adxpy.pages.dev/arrow-up.gif
Requested by
Host: ronny-simon-milb.pages.dev
URL: https://ronny-simon-milb.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8794063dced5ec3d5035d4fd6e7cce885671224284469fe85e7b392a0fabf0a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

etag
"abc38753b71c3201854a4e8b3ffdce52"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H0Qe%2FEPRAvGpY9uErUTdH2QCAA0siIfVSS3Hmyi2M9vBVtLZs3dbHfil58aE%2F%2FID30dCkrlzFJjWiIJvNfPlDwLHQeQsVpsDCMphCwS1QS4LdXQdE9SNCNTA3A%3D%3D"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
image/gif
vary
accept-encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08a558559e04-EWR
access-control-allow-origin
*
content-length
4491
server
cloudflare
ads.js
adxpy.pages.dev/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxpy.pages.dev/ads.js
Requested by
Host: adxpy.pages.dev
URL: https://adxpy.pages.dev/magic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81496c62f33c7090e09cd8ea1d016980fc4432fb6ca00450ccea59b926daa7e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"1bc4a8b41519c6fae69917cf3ea9f576"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=w5%2BSAYMfM65vggVwomTxnWk%2BeBinfqPD%2FTCvs6JyBCWrNenKpBWDhmPwi%2FOfsEWfqb6yptJ6jKaOkZBXoBUAY5PEyQ1O%2FcRc4IqhAcA8u9yKfEFgMA15Ulyt8A%3D%3D"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:23 GMT
content-type
application/javascript
vary
accept-encoding
priority
u=3,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08a5a89d9e04-EWR
access-control-allow-origin
*
server
cloudflare
www-player.css
www.youtube.com/s/player/b75a8e80/ Frame 82D9 		512 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b75a8e80/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644559b7590cf725119fd0ab8ed45a236d0faf9751693abb303038d7c349d2b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

content-encoding
br
age
91
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 19:22:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:22:52 GMT
last-modified
Wed, 07 Jan 2026 05:32:47 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
60382
x-xss-protection
0
server
sffe
embed.js
www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/ Frame 82D9 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b187395ab221b37acb18539589c78af6292f85466f0e019b486918c4c388296f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

content-encoding
br
age
115
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 19:22:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:22:28 GMT
last-modified
Wed, 07 Jan 2026 05:32:47 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9439
x-xss-protection
0
server
sffe
www-embed-player-es6.js
www.youtube.com/s/embeds/390179f0/www-embed-player-es6.vflset/ Frame 82D9 		335 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/embeds/390179f0/www-embed-player-es6.vflset/www-embed-player-es6.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74479581b907c82abd5ffe8962866dbc01d03b941886cea43fdaed71f1ea5c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

content-encoding
br
age
330
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 19:18:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:18:53 GMT
last-modified
Fri, 09 Jan 2026 20:09:06 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
105490
x-xss-protection
0
server
sffe
base.js
www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/ Frame 82D9 		3 MB
672 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e2a057f95bfae35c12f9c491d371245ab5b3540eb3b956032a63a92e99924d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

content-encoding
br
age
2634
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 18:40:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 18:40:29 GMT
last-modified
Wed, 07 Jan 2026 05:32:47 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
687881
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v48/ Frame 82D9 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
260729
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 09 Jan 2027 18:58:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 09 Jan 2026 18:58:54 GMT
last-modified
Thu, 29 May 2025 23:30:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
c64aa11db612c16c65959b87a44dac81.js
walletblossomendanger.com/c6/4a/a1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://walletblossomendanger.com/c6/4a/a1/c64aa11db612c16c65959b87a44dac81.js
Requested by
Host: adxpy.pages.dev
URL: https://adxpy.pages.dev/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

accept-ch
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-origin
*
Content-Length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 12 Jan 2026 19:24:23 GMT
Content-Type
application/javascript
Host
walletblossomendanger.com
Server
nginx/1.21.6
c207ec84c2456af201cc563cadc36c46.js
walletblossomendanger.com/c2/07/ec/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://walletblossomendanger.com/c2/07/ec/c207ec84c2456af201cc563cadc36c46.js
Requested by
Host: adxpy.pages.dev
URL: https://adxpy.pages.dev/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

accept-ch
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-origin
*
Content-Length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 12 Jan 2026 19:24:23 GMT
Content-Type
application/javascript
Host
walletblossomendanger.com
Server
nginx/1.21.6
id
googleads.g.doubleclick.net/pagead/ Frame 82D9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H3
Server
2607:f8b0:4004:c08::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
462be5af37b2b7e0802668d183aee103e5159d0f3d62117502782195ff2eada6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 19:24:24 GMT
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
120
x-xss-protection
0
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 12 Jan 2026 19:24:24 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
0
x-xss-protection
0
server
cafe
ad_status.js
static.doubleclick.net/instream/ Frame 82D9 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/embeds/390179f0/www-embed-player-es6.vflset/www-embed-player-es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::94 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

age
462
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 19:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:16:42 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
content-type
text/javascript
cache-control
public, max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
29
x-xss-protection
0
server
sffe
remote.js
www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/ Frame 82D9 		122 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b217b8239fb9a5b54bc86b39dc4c910bcc2236af92de2332d93b72ea0e1ef7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

content-encoding
br
age
903
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 19:09:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:09:21 GMT
last-modified
Wed, 07 Jan 2026 05:32:47 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
36089
x-xss-protection
0
server
sffe
maxresdefault.webp
i.ytimg.com/vi_webp/Lb4Safok7_U/ Frame 82D9 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Lb4Safok7_U/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c27::77 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5de53052c85d421a132310188b0a0821fe6c29150b8b47ba7440bb4a2f9f1980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

cache-control
public, max-age=7200
etag
"1760539969"
cross-origin-resource-policy
cross-origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 21:24:24 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
48216
date
Mon, 12 Jan 2026 19:24:24 GMT
x-xss-protection
0
content-type
image/webp
vary
Origin
server
sffe
truncated
/ Frame 82D9 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
578TGvUlPWEK2VuwicPKmXAxTcoim2AR3AWpJKf95Iv5i375BFRHDu7vHlqrpMYihG8XtxojGQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 82D9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/578TGvUlPWEK2VuwicPKmXAxTcoim2AR3AWpJKf95Iv5i375BFRHDu7vHlqrpMYihG8XtxojGQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
43c5e44a20becc957cfe9a1bc0f78cf6d46b1333cdda23023effea49aa296470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
0
x-content-type-options
nosniff
expires
Tue, 13 Jan 2026 19:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:24:24 GMT
content-disposition
inline;filename="channels4_profile.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
3117
x-xss-protection
0
server
fife
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 82D9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Mon, 12 Jan 2026 19:24:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 19:24:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/143/ Frame 82D9 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/143/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccec0c86cc7f2a5a86158c88b6085c3283e9fd84606316097b8b1153471305aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
age
55572
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Tue, 13 Jan 2026 03:58:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 03:58:12 GMT
last-modified
Mon, 27 Oct 2025 15:03:43 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
13379
x-xss-protection
0
server
sffe
favicon.svg
ronny-simon-milb.pages.dev/ 		1 KB
1009 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ronny-simon-milb.pages.dev/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee0 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4183fc50d0ecbe4f28d32f897b93b712a6e90df092b0b5d921b51ce9da6931ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"c32bf1839a02c28417636e2fbfe32b83"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JEOtZOl3FQnfOfarRqxhoC8k8pArixRJE9Yj93taQLD7tQjvRVMafxoD8OhJx6J7S46MqSpOkUdtOXh5p36vGrptbyxlAtqemNiKozZ%2Ffb%2FMLaENFvtyoFzC%2BM3FlPW2cmSZpGeH"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:24 GMT
content-type
image/svg+xml
vary
accept-encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08ae7ece8c89-EWR
access-control-allow-origin
*
server
cloudflare
favicon.ico
ronny-simon-milb.pages.dev/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ronny-simon-milb.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2ee0 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
706553d734db9b8283c014e12b51c9ff7f1e07b0fe100b0055361161be7cf070
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

content-encoding
br
etag
W/"63a5a84e901949b11e19d80d43b52523"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NrLduvEP9OuQHOkpOfRXmcbJFFNzKki3uwtHQDbnpShumS%2F9q7JoiEciycvN4F2Vr0LQiYAJAm6Iug%2Fe6qJu11YLUFaXjv7NzamWE6euGHcA8dIs0VQxjaLNK%2BCVJ%2FkxRDEVp0Im"}]}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 12 Jan 2026 19:24:24 GMT
content-type
image/vnd.microsoft.icon
vary
accept-encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
9bcf08af1f498c89-EWR
access-control-allow-origin
*
server
cloudflare
r43BVKpqVNByaR4gLMQgR4Bxv0Q6w9Dzv0MAphxEz80.js
www.google.com/js/th/ Frame 82D9 		57 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/r43BVKpqVNByaR4gLMQgR4Bxv0Q6w9Dzv0MAphxEz80.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/embeds/390179f0/www-embed-player-es6.vflset/www-embed-player-es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af8dc154aa6a54d072691e202cc420478071bf443ac3d0f3bf4300a61c44cfcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
br
age
24691
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Tue, 12 Jan 2027 12:32:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 12 Jan 2026 12:32:53 GMT
last-modified
Mon, 08 Dec 2025 17:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22307
x-xss-protection
0
server
sffe
generate_204
www.youtube.com/ Frame 82D9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?N7cjuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 12 Jan 2026 19:24:25 GMT
cross-origin-resource-policy
cross-origin
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 82D9 		102 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/embeds/390179f0/www-embed-player-es6.vflset/www-embed-player-es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b00ba6a2c7fe798fbc77bbf2daa8d10fe808dd8a75c0431d71ec8d46574dfd10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
date
Mon, 12 Jan 2026 19:24:25 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 12 Jan 2026 19:24:25 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
invoke.js
walletblossomendanger.com/6dd5e3d7ac37d33b5abc87810f6ac7f3/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://walletblossomendanger.com/6dd5e3d7ac37d33b5abc87810f6ac7f3/invoke.js
Requested by
Host: adxpy.pages.dev
URL: https://adxpy.pages.dev/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36
Referer
https://ronny-simon-milb.pages.dev/

Response headers

accept-ch
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time
1
Connection
keep-alive
access-control-allow-origin
*
Content-Length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Mon, 12 Jan 2026 19:24:25 GMT
Content-Type
application/javascript
Host
walletblossomendanger.com
Server
nginx/1.21.6

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 string| query string| keyword string| hg_niche function| getTypeAds function| keyword_view function| base64Encode function| base64Decode function| isHuman function| handleScriptLoad function| handleScriptError object| mybutton object| dataMagic object| atOptions

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: Ix9Yo0VLThQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ti0GnZBiPjM
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgMA%3D%3D
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: CILws4P2seq8AxCNxLWU3YaSAxiNxLWU3YaSAw%3D%3D

6 Console Messages

Source Level URL
Text
other warning URL: https://ronny-simon-milb.pages.dev/(Line 2)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://walletblossomendanger.com/c2/07/ec/c207ec84c2456af201cc563cadc36c46.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://walletblossomendanger.com/c6/4a/a1/c64aa11db612c16c65959b87a44dac81.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
violation error URL: https://www.youtube.com/s/player/b75a8e80/player_ias.vflset/en_US/base.js(Line 5397)
Message:
Permissions policy violation: compute-pressure is not allowed in this document.
rendering warning URL: https://www.youtube.com/embed/Lb4Safok7_U?autoplay=0&controls=1&end=0&loop=0&mute=0&start=0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0704C0064150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network error URL: https://walletblossomendanger.com/6dd5e3d7ac37d33b5abc87810f6ac7f3/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adxpy.pages.dev
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mtevor.com
ronny-simon-milb.pages.dev
static.doubleclick.net
tse1.mm.bing.net
walletblossomendanger.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
172.240.108.76
2606:4700:3033::6815:15a7
2606:4700:310c::ac42:2c87
2606:4700:310c::ac42:2ee0
2607:f8b0:4004:c07::67
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c0b::5b
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c1b::94
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c21::84
2607:f8b0:4004:c27::77
2620:1ec:33:1::10
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
319a003907917726592e76ad6319a1b3a93d456a464b78e5f0e8fea2242875e8
33ac7a1de2c648120d1715dc383b9c0c4ade765039bd7668551d07bdaea6cc0f
4183fc50d0ecbe4f28d32f897b93b712a6e90df092b0b5d921b51ce9da6931ee
43c5e44a20becc957cfe9a1bc0f78cf6d46b1333cdda23023effea49aa296470
462be5af37b2b7e0802668d183aee103e5159d0f3d62117502782195ff2eada6
5de53052c85d421a132310188b0a0821fe6c29150b8b47ba7440bb4a2f9f1980
644559b7590cf725119fd0ab8ed45a236d0faf9751693abb303038d7c349d2b2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e2a057f95bfae35c12f9c491d371245ab5b3540eb3b956032a63a92e99924d6
706553d734db9b8283c014e12b51c9ff7f1e07b0fe100b0055361161be7cf070
74479581b907c82abd5ffe8962866dbc01d03b941886cea43fdaed71f1ea5c80
81496c62f33c7090e09cd8ea1d016980fc4432fb6ca00450ccea59b926daa7e1
8794063dced5ec3d5035d4fd6e7cce885671224284469fe85e7b392a0fabf0a8
a482bf00fa5c046040ef7973ad5fdf5657890cacb596c93f1382f664ca542074
af8dc154aa6a54d072691e202cc420478071bf443ac3d0f3bf4300a61c44cfcd
b00ba6a2c7fe798fbc77bbf2daa8d10fe808dd8a75c0431d71ec8d46574dfd10
b187395ab221b37acb18539589c78af6292f85466f0e019b486918c4c388296f
b217b8239fb9a5b54bc86b39dc4c910bcc2236af92de2332d93b72ea0e1ef7db
b26277e44f2fe29283a55a632166f8a45dd1407a0970c13e08287406f94a0772
bcdee3821499881f27062f5feb6c24de1a08ab7b067a68b93c3e0ef4bb095e5f
c5ddaee5a6e09111dc2511e19dfcf14acd0b74cbab1cef4422d90a54b9eefbc5
ccec0c86cc7f2a5a86158c88b6085c3283e9fd84606316097b8b1153471305aa
e271f9647224dc6604cf3842071d13541c70c9f0747790104c024a52865bcb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9