delightdate.life Open in urlscan Pro
185.155.186.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://3hy.online/officialHolmes21
Effective URL:
https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
Submission: On November 07 via api (November 7th 2023, 8:44:50 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 79 HTTP transactions. The main IP is 185.155.186.12, located in Switzerland and belongs to TEKNOLOGY, CH. The main domain is delightdate.life.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time delightdate.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	194.147.78.42 194.147.78.42	50738 (HUIZE-TEL...) (HUIZE-TELECOM)
1 2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
10	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 1	194.36.177.18 194.36.177.18	210281 (WAICORE) (WAICORE)
10	185.155.186.12 185.155.186.12	203639 (TEKNOLOGY) (TEKNOLOGY)
79	16

6 194.147.78.42 (Moscow, Russian Federation)

ASN50738 (HUIZE-TELECOM, GB)
PTR: free.ds

3hy.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany) 1 redirects

ASN200325 (BUNNYCDN, SI)

avatars.dicebear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.dicebear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.36.177.18 (Germany) 1 redirects

ASN210281 (WAICORE, GB)
PTR: cloud.hosted-by.srvcheap.me

h3yhome.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.155.186.12 (Switzerland)

ASN203639 (TEKNOLOGY, CH)
PTR: mail.tinderdevote.com

delightdate.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	2 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	207 KB
10	delightdate.life delightdate.life	466 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3931	34 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	66 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
6	3hy.online 3hy.online	41 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	8 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	92 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	30 KB
2	dicebear.com 1 redirects avatars.dicebear.com — Cisco Umbrella Rank: 388857 api.dicebear.com — Cisco Umbrella Rank: 235556	1 KB
1	h3yhome.online 1 redirects h3yhome.online	975 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	11 KB
79	13

	Domain	Requested by
13	www.youtube.com	3hy.online www.youtube.com
10	delightdate.life	3hy.online delightdate.life
10	fonts.gstatic.com	3hy.online fonts.googleapis.com www.youtube.com
10	static.addtoany.com	3hy.online static.addtoany.com
6	jnn-pa.googleapis.com	www.youtube.com
6	3hy.online	3hy.online
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	fonts.googleapis.com	3hy.online delightdate.life
1	h3yhome.online	1 redirects
1	use.fontawesome.com	3hy.online
1	api.dicebear.com	3hy.online
1	avatars.dicebear.com	1 redirects
79	17

This site contains no links.

Subject Issuer	Validity	Valid
3hy.online R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
delightdate.life R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
Frame ID: F6799A9927CD91E87CADD6C55ACDDF7B
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5qap5aO4i9A
Frame ID: 997645B2D76641640B19B948CA0EEC6A
Requests: 21 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 2F0F0D507C433EC25513438FE7945589
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5qap5aO4i9A
Frame ID: 53E27C806B8D2172204D756756803D07
Requests: 20 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 3EB666EDD86C70B3209728EDCF2B1F8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zum scheissen heute Frauen aus deiner Umgebung

Page URL History Show full URLs

https://3hy.online/officialHolmes21 Page URL
https://h3yhome.online/WCjhv3kx HTTP 302
https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5 Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

86 %
HTTPS

81 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

2941 kB
Transfer

7986 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://3hy.online/officialHolmes21 Page URL
https://h3yhome.online/WCjhv3kx HTTP 302
https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://avatars.dicebear.com/api/micah/Daniel%20Gibson.svg?mouth=smile HTTP 301
https://api.dicebear.com/avatar.svg

Request Chain 28

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 officialHolmes21 Show response
3hy.online/ 12 KB
4 KB 295ms
68ms Document
text/html 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash: 0b9c23fee1f8416306943f07c293a232c2be3bbe55793ea45016457029fe56d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 3906
content-type: text/html; charset=UTF-8
date: Tue, 07 Nov 2023 20:44:43 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css_013c474410ba80b8d8e3e5f965e38f12.css
3hy.online/assets/ 96 KB
13 KB 70ms
68ms Stylesheet
text/css 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://3hy.online/assets/css_013c474410ba80b8d8e3e5f965e38f12.css
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash: b0a59cc28632affc6490c5248131315b0c0a2f76ad66951505e38a01276772cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/officialHolmes21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 13:48:29 GMT
server: nginx
etag: W/"6543a8ad-17f86"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css.css
3hy.online/assets/ 2 KB
563 B 133ms
131ms Stylesheet
text/css 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://3hy.online/assets/css.css
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash: 2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/officialHolmes21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 13:48:29 GMT
server: nginx
etag: W/"6543a8ad-7d8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css_002.css
3hy.online/assets/ 2 KB
576 B 133ms
131ms Stylesheet
text/css 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to

Full URL: https://3hy.online/assets/css_002.css
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash: bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/officialHolmes21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
last-modified: Thu, 02 Nov 2023 13:48:29 GMT
server: nginx
etag: W/"6543a8ad-85c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

avatar.svg
api.dicebear.com/
Redirect Chain

https://avatars.dicebear.com/api/micah/Daniel%20Gibson.svg?mouth=smile
https://api.dicebear.com/avatar.svg

459 B
796 B

92ms
21ms

Image
image/svg+xml

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.dicebear.com/avatar.svg
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: ddffe4236d68cb7f70d3d3482c9446c496b5f0bccecc4992c32032c921f75e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-662
cdn-cachedat: 10/31/2023 18:59:48
cdn-pullzone: 147563
last-modified: Fri, 29 Sep 2023 05:25:41 GMT
server: BunnyCDN-DE1-1081
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65165fd5-1cb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: cd8b9392-b9a4-4962-9235-a51defc82e95
cache-control: public, max-age=31919000
cdn-requestid: 531bcde351ba03c150d10594333d2e41
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cdn-edgestorageid: 1081
cdn-cachedat: 11/07/2023 20:06:22
cdn-pullzone: 147563
content-length: 113
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 301
content-type: application/json; charset=utf-8
location: https://api.dicebear.com/avatar.svg
access-control-allow-origin: *
cdn-uid: cd8b9392-b9a4-4962-9235-a51defc82e95
cache-control: public, max-age=31919000
cdn-cache: STALE
cdn-requestid: 87913609bad681bb50e22f16d82da371
cdn-requestcountrycode: DE
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 93ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: 3hy.online
URL: https://3hy.online/officialHolmes21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20270
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03396a6543cd35a0e73d2b4de150841b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljoS6TqDrW%2FHE9eCZwIWKGIsTKHOJeDQSSiHrb5xg%2BbklA12LzakQWqvSOEQ%2BxqmxMxWEzZJR%2BBfNvSv23Bmw8KSmotLV9Q3BMi5tjwaZrNZCXMYhUpjceb0%2BfnQdwRfRScyc3YK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 82286a726cde9a24-FRA

GET
H2 200 *
3hy.online/image/ 12 KB
12 KB 134ms
132ms Image
text/html 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3hy.online/image/*
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/officialHolmes21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
server: nginx
content-length: 3906
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 all.css
use.fontawesome.com/releases/v5.4.1/css/ 49 KB
11 KB 95ms
44ms Stylesheet
text/css 2606:4700:3037::ac43:8ef5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.4.1/css/all.css
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1

Request headers

Referer: https://3hy.online/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52065
etag: W/"beb60a9475685e87a9738a7306591e69"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FjkQcJHFbcSTMNuixaf3NiF2H1Ka7kTajmA4CUVRU4VRIfD3U6LLzbRUyyMsa3HyWPX67cM%2BR8qLgrJdYCndasmyGbXkWe9pKTU1l8KUS5L02gY3%2BLkrecQxLbU9iGjxSAIJxxHa%2Fv622s7zORIgbqo0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82286a724d92994b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: 3hy.online
URL: https://3hy.online/officialHolmes21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 19:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 20:44:43 GMT

GET
H2 200 5qap5aO4i9A Show response
www.youtube.com/embed/ Frame 9976 91 KB
40 KB 136ms
77ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5qap5aO4i9A

Requested by

Host: 3hy.online
URL: https://3hy.online/officialHolmes21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36965e9e8bf89adbd3d05f86d399af5b1358b7c9d0fda6a8ffa3258090fd44cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3hy.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 20:44:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 2F0F 677 B
727 B 47ms
45ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3hy.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 19388
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 82286a72bd339a24-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 20:44:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubLD14xF5rQOLVhQkRBDS7%2Fr1AAqtyFZKj4jB%2B1yNbHCjrQiZitnG3wHIAV%2BsNk0Eyy9CSnwp3QX%2FrDgxU3J9miN6MLThV5dpymPxKkfbYRNPdm1xi4VFX5DIBR5rKPIGT1yHcw71PhOIs9orG7EH3TA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.11bfb520.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 118ms
69ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.11bfb520.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3hy.online/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a34c5f06f67d42236ec124345ba1b81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GT9XTO0XDzlpB%2FaSU0YEwGQ69Z0gPDeZWi2NfANXWaE0G0lfwDxQNl4HE7u%2BOvmR5iEl5Rhwxd8FF%2BMiurvG5Q1q%2FknhuCryQ3ESG1UKVD32eziZl1r2YTDufgUdatmXN5ajLKXv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 82286a730db3048b-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 106ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: 3hy.online
URL: https://3hy.online/assets/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3hy.online/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 23:25:29 GMT
x-content-type-options: nosniff
age: 335954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 23:25:29 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 117ms
66ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: 3hy.online
URL: https://3hy.online/assets/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3hy.online/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 16:17:55 GMT
x-content-type-options: nosniff
age: 448008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 16:17:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 96ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: 3hy.online
URL: https://3hy.online/assets/css.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3hy.online/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 20:34:29 GMT
x-content-type-options: nosniff
age: 432614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 20:34:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 405471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 04:06:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/2be84af7/ Frame 9976 377 KB
48 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

715c21bf8bc47b4d741023e7f494fe64f2db015cecbf1750795c15e9c6141e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48807
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 11:23:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9976 15 KB
15 KB 42ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 408748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9976 15 KB
15 KB 84ms
70ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 429488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 9976 55 KB
17 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08a9702606f636772127c9501fe702614bcbb9da50badab5f8d3035d07ef31ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17564
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:11 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/2be84af7/www-embed-player.vflset/ Frame 9976 320 KB
96 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

636cdf4819edbb8ff3a3df6833131c8125db1f461820daa3d4ec5fdca0c28f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32332
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98279
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 11:45:51 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 9976 2 MB
759 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2a2226302a9266d8b9eb349dac1657fb704376c1904362b85f090585a1f314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 776504
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:11 GMT

GET
H3 200 a2a.js
static.addtoany.com/menu/svg/icons/ 182 B
674 B 133ms
133ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgjutylS7Lw8XMpGcTgk39hreXxfvLk%2Br6d5e7D5ryGMLq8FjTjt5d1wsKOnvKQ664I1tDOPN79sMuSc0ctcEA6DBjhQ5J%2BPsssD5wrZ89qH7f44ngwNTv3Ysp%2BgvKLCogSSobBHymz04lJmyshfaEtg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73ae8a048b-FRA

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
824 B 71ms
70ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEOa5K12xQDUBavcCrZcm6UYtvUZEZCAHJRND22OLtTRcv1LHaPwa7kJDoWuyyX8ls2mhB7J0M9UBHsNrQiPGI1N0UpQfnJ3cglWvgeenbxigWbe5WAGDH%2FKjV%2Fu7i187njrNH68Had3Ots7w5%2FJrT%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73be8c048b-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
937 B 80ms
79ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUcFArCnp03TxYXti5MnD08IbkW5gH88mU2SeCS%2FF%2BBSPzC35Yqi4vT3cAhiLfdQDMfCjwT0j8UW59OrSGRk1O4x0Tyoe2j%2Fsw%2BZwamBeZ7EbT3G4g%2FyWNwvqS0mUP1skh7HOgMusFU9KxdxexQqEnfE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73be8d048b-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
826 B 81ms
80ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQhEtLdrW7SoijHszewdfelYxLRhRlCq42WWJLA7B785dek76DrfLu3jvSI%2FDbdvuJWImvGfW2yN98y5LBsOJ2%2F%2FPhKqzDeFbI5IkXK4RzdpL6PfH839BPZZDg6lkyh8JkBsEL4X1YBYsHcPHXb%2FZWgY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73be8e048b-FRA

GET
H3 200 telegram.js Show response
static.addtoany.com/menu/svg/icons/ 360 B
786 B 77ms
76ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/telegram.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fb47b4f6548b6499923a1beed7472419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpjWwLui5gJNPIrhwqEhDUrUdqnk4coKrMNM%2FMrtLU81Q05eoovjnkd00hgum60uUI%2FpEOk5J35otxIdyg0J3r12rQ8diA8SaAldXeu3HQDpSIg%2FF%2BV6HQnInDrbSB90%2B0aCGa1n4BRCT9PNKa6LaaBw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73be8f048b-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 79ms
78ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://3hy.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6a035bb94747645017c1cfe9f5801857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaHamK0ZEnX%2Bjg5rQ27KwqkJDmiRzxP%2F4hym9wykj29DPSmgvCQLI6yqA1AzAId%2FGPgRzEB3L7160Rv2comEurGtQCfOmAW%2F1Zalt4lWZFWayOxWwrH8cMmRmuvrUcX6sD1XYLrDqvu3bm2LH%2BzNiqMP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 82286a73be91048b-FRA

GET
H2

200

id
googleads.g.doubleclick.net/pagead/ Frame 9976
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

30ms
29ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Nov 2023 20:44:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame 9976 29 B
495 B 147ms
22ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:35:08 GMT
x-content-type-options: nosniff
age: 575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 20:50:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 132ms
29ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 20:44:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9976 69 KB
32 KB 37ms
36ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32156
x-xss-protection: 0

GET
H3 200 remote.js
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 9976 116 KB
33 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33694
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:13 GMT

GET
H2 200 FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js
www.google.com/js/th/ Frame 9976 38 KB
15 KB 107ms
22ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 03:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14825
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 03:11:07 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/5qap5aO4i9A/ Frame 9976 46 KB
46 KB 91ms
23ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5qap5aO4i9A/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:29:00 GMT
x-content-type-options: nosniff
age: 943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46836
x-xss-protection: 0
server: sffe
etag: "1657470070"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 22:29:00 GMT

GET
DATA 200
OK truncated
/ Frame 9976 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 x-kJ0glXWZPeLKAOVXHDFJa48t35XgYYTPDLcCuXkGSk8_b_wuCB_aTuDymj_6RXiCFpBGh5=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 9976 4 KB
4 KB 80ms
28ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/x-kJ0glXWZPeLKAOVXHDFJa48t35XgYYTPDLcCuXkGSk8_b_wuCB_aTuDymj_6RXiCFpBGh5=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:37:02 GMT
x-content-type-options: nosniff
age: 4061
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3978
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:37:02 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9976 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?78tMIg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9976 4 KB
2 KB 87ms
31ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 20:44:43 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
30ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 20:44:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9976 0
0

GET
H2 200 cast_sender.js
www.gstatic.com/eureka/clank/119/ Frame 9976 50 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/119/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 14:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 08 Nov 2023 14:24:18 GMT

POST atr
www.youtube.com/api/stats/ Frame 9976 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 9976 0
0

GET
H3 200 5qap5aO4i9A
www.youtube.com/embed/ Frame 53E2 91 KB
39 KB 80ms
79ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5qap5aO4i9A

Requested by

Host: 3hy.online
URL: https://3hy.online/officialHolmes21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3hy.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 20:44:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sm.24.html
static.addtoany.com/menu/ Frame 3EB6 677 B
920 B 41ms
41ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: 3hy.online
URL: https://3hy.online/officialHolmes21

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://3hy.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 26241
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 82286a7708941c85-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 20:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kQ2R02aGx712J5Nu82HHRcf0EZf5HdGmojNXhcNqP9cIeacrqBHGMLllZRsTZObahV3xuiWQyRhEFWtmSAyUIK4fzbsKd3KsdHCG8e8xcmvvIzRdqm4ToJ2w1UI9lx5EClSm9FW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 *
3hy.online/image/ 12 KB
12 KB 66ms
66ms Image
text/html 194.147.78.42
HUIZE-TELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3hy.online/image/*
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.147.78.42 Moscow, Russian Federation, ASN50738 (HUIZE-TELECOM, GB),
Reverse DNS: free.ds
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3hy.online/officialHolmes21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:44 GMT
content-encoding: gzip
server: nginx
content-length: 3906
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 www-player.css
www.youtube.com/s/player/2be84af7/ Frame 53E2 377 KB
48 KB 25ms
25ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48807
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 11:23:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 53E2 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 408749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 53E2 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 429489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 21:26:35 GMT

GET
H3 200 embed.js
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 53E2 55 KB
17 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17564
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:11 GMT

GET
H3 200 www-embed-player.js
www.youtube.com/s/player/2be84af7/www-embed-player.vflset/ Frame 53E2 320 KB
96 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 11:45:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98279
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 11:45:51 GMT

GET
H3 200 base.js
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 53E2 2 MB
758 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56433
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 776504
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:11 GMT

GET
H/1.1

200
OK

Primary Request / Show response
delightdate.life/
Redirect Chain

https://h3yhome.online/WCjhv3kx
https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

7 KB
7 KB

169ms
47ms

Document
text/html

185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
Requested by: Host: 3hy.online
URL: https://3hy.online/officialHolmes21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS: mail.tinderdevote.com
Software: nginx /
Resource Hash: 38fe50bca691ab88fecfb3a61b5299f01446d798e38d4cc507d1c45edc3e04ac

Request headers

Referer: https://3hy.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 7275
Content-Type: text/html
Date: Tue, 07 Nov 2023 20:44:44 GMT
Server: nginx
cache-control: private

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 07 Nov 2023 20:44:44 GMT
Expires: 0
Last-Modified: Tue, 07 Nov 2023 20:44:44 GMT
Location: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding

GET
H3

200

id
googleads.g.doubleclick.net/pagead/ Frame 53E2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

29ms
29ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Nov 2023 20:44:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame 53E2 29 B
93 B 22ms
21ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:35:08 GMT
x-content-type-options: nosniff
age: 576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Nov 2023 20:50:08 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 20:44:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 53E2 69 KB
32 KB 37ms
36ms XHR
application/json+protobuf 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Nov 2023 20:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32253
x-xss-protection: 0

GET
H3 200 remote.js
www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/ Frame 53E2 116 KB
33 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5qap5aO4i9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33694
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 00:13:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 06 Nov 2024 05:04:13 GMT

GET
H2 200 FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js
www.google.com/js/th/ Frame 53E2 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 03:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14825
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Nov 2024 03:11:07 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/5qap5aO4i9A/ Frame 53E2 46 KB
46 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5qap5aO4i9A/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2be84af7/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 20:29:00 GMT
x-content-type-options: nosniff
age: 944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46836
x-xss-protection: 0
server: sffe
etag: "1657470070"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 22:29:00 GMT

GET
DATA 200
OK truncated
/ Frame 53E2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 x-kJ0glXWZPeLKAOVXHDFJa48t35XgYYTPDLcCuXkGSk8_b_wuCB_aTuDymj_6RXiCFpBGh5=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 53E2 4 KB
4 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/x-kJ0glXWZPeLKAOVXHDFJa48t35XgYYTPDLcCuXkGSk8_b_wuCB_aTuDymj_6RXiCFpBGh5=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5qap5aO4i9A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 19:37:02 GMT
x-content-type-options: nosniff
age: 4062
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3978
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 08 Nov 2023 19:37:02 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
28ms Preflight
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 07 Nov 2023 20:44:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 53E2 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 53E2 0
0

GET generate_204
www.youtube.com/ Frame 53E2 0
0

POST atr
www.youtube.com/api/stats/ Frame 53E2 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 53E2 0
0

GET
H/1.1 200
OK animate.min.css
delightdate.life/media/dating/toon2/css/ 52 KB
52 KB 39ms
37ms Stylesheet
text/css 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/media/dating/toon2/css/animate.min.css

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17957218A5564A70
Connection: keep-alive
Content-Length: 52789
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:22:58 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
ETag: "178b651958ceff556cbc5f355e08bbf1"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134506#144014750/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK style.css
delightdate.life/media/dating/toon2/css/ 8 KB
9 KB 117ms
48ms Stylesheet
text/css 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/media/dating/toon2/css/style.css

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17957218A9AB83FF
Connection: keep-alive
Content-Length: 8608
X-Amz-Id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 03 Apr 2023 12:29:49 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.962597414Z
ETag: "549edaff59c582a6a3ca91f95c60ea71"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1679349393#759503244/gid:0/gname:root/mode:33279/mtime:1655387458#962597414/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK js.cookie.js Show response
delightdate.life/cookie/ 4 KB
5 KB 105ms
36ms Script
application/javascript 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/cookie/js.cookie.js

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 1795713AA2E32B8E
Connection: keep-alive
Content-Length: 4264
X-Amz-Id-2: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 03 Apr 2023 12:26:39 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z
ETag: "a7e9883924072f15259de6888d5ef515"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1679394897#900490365/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK utils.js Show response
delightdate.life/util/ 7 KB
8 KB 106ms
37ms Script
application/javascript 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/util/utils.js

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 1795713AA4EED780
Connection: keep-alive
Content-Length: 7512
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
ETag: "01816d15ca03032751161a746e2fb7c3"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK 123.jpg
delightdate.life/media/dating/toon2/images/ 175 KB
176 KB 166ms
97ms Image
image/jpeg 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delightdate.life/media/dating/toon2/images/123.jpg

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17957218ABF03F6A
Connection: keep-alive
Content-Length: 179176
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:32:28 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
ETag: "a2d245e1c43c61ca34bea001510dd6d9"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843394#511755078/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
delightdate.life/media/dating/toon2/js/ 84 KB
84 KB 165ms
96ms Script
application/javascript 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/media/dating/toon2/js/jquery-2.2.4.min.js

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17957218ABA82395
Connection: keep-alive
Content-Length: 85578
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:32:28 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.954597395Z
ETag: "2f6b11a7e914718e0290410e85366fe9"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843394#515755084/gid:0/gname:root/mode:33279/mtime:1655387458#954597395/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK bb.js Show response
delightdate.life/media/ 639 B
1 KB 34ms
33ms Script
application/javascript 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/media/bb.js

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17957123238EEDD2
Connection: keep-alive
Content-Length: 639
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:21:05 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H/1.1 200
OK exit1.js Show response
delightdate.life/media/exit-new/ 3 KB
4 KB 35ms
35ms Script
application/javascript 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://delightdate.life/media/exit-new/exit1.js

Requested by

Host: delightdate.life
URL: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/?u=e25kd0d&o=74ppu9k&t=ty&cid=3hku7u1geb5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 1795712325AF6FB1
Connection: keep-alive
Content-Length: 3473
X-Xss-Protection: 1; mode=block
Last-Modified: Mon, 20 Feb 2023 09:32:43 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
ETag: "625e5e2950612f771e246beb33c9ea61"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: delightdate.life
URL: https://delightdate.life/media/dating/toon2/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d64259d39864129775a1a42bfebd44c3a02ae14bb8dbfc1b1f84cd720ecb82b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 20:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 20:40:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 20:44:44 GMT

GET
H/1.1 200
OK bg.jpg
delightdate.life/media/dating/toon2/images/ 117 KB
118 KB 38ms
37ms Image
image/jpeg 185.155.186.12
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://delightdate.life/media/dating/toon2/images/bg.jpg

Requested by

Host: delightdate.life
URL: https://delightdate.life/media/dating/toon2/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

185.155.186.12 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

mail.tinderdevote.com

Software

nginx /

Resource Hash

1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://delightdate.life/media/dating/toon2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Tue, 07 Nov 2023 20:44:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17957218AEBA622A
Connection: keep-alive
Content-Length: 119754
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:22:58 GMT
Server: nginx
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
ETag: "842a5629f17ec8342230aa12ea32291a"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134506#144014750/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
Expires: Wed, 06 Nov 2024 20:44:44 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://delightdate.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 445792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 16:54:52 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://delightdate.life
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 493558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 03:38:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=AfIiuciQVg-5hHnq&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2F3hy.online%2F&lact=373&cl=579982819&mos=0&volume=100&cbr=Chrome&cbrver=119.0.6045.105&c=WEB_EMBEDDED_PLAYER&cver=1.20231031.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=HU&len=75037431&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C176962%2C53634%2C60173%2C24564%2C17228%2C8460%2C9541%2C1089%2C5877%2C394%2C3200%2C26436294%2C4054%2C1253%2C677%2C5181%2C1543%2C7826%2C820%2C736%2C2040%2C7229%2C859%2C1093%2C1432%2C885%2C1697%2C1101%2C3647%2C4496%2C268%2C2898&muted=0&docid=5qap5aO4i9A

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?0-vNkQ

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=sMWsVBAd0eUnaInj&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2F3hy.online%2F&lact=240&cl=579982819&mos=0&volume=100&cbr=Chrome&cbrver=119.0.6045.105&c=WEB_EMBEDDED_PLAYER&cver=1.20231031.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=HU&len=75037431&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C176962%2C53634%2C60173%2C24564%2C17228%2C8460%2C9541%2C1089%2C5877%2C394%2C3200%2C26436294%2C4054%2C1253%2C677%2C5181%2C1543%2C7826%2C820%2C736%2C2040%2C7229%2C859%2C1093%2C1432%2C885%2C1697%2C1101%2C3647%2C4496%2C268%2C2898&muted=0&docid=5qap5aO4i9A

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4CuhHtF2RkI
.youtube.com/	1970-01-20 20:22:21	Name: VISITOR_INFO1_LIVE Value: HRLcCce8yDg
h3yhome.online/	1970-01-20 16:47:48	Name: _subid Value: 3hku7u1geb5
h3yhome.online/	1970-01-20 16:47:48	Name: _token Value: uuid_3hku7u1geb5_3hku7u1geb5654aa1bc494453.12704357
h3yhome.online/	1970-01-21 01:39:09	Name: 0c9c8 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQxXCI6MTY5OTM4OTg4NH0sXCJjYW1wYWlnbnNcIjp7XCIxNFwiOjE2OTkzODk4ODR9LFwidGltZVwiOjE2OTkzODk4ODR9In0.FWhOF2ViuRJbKLFqycG_ECnZtkgKoS7pL5v1GCEzUVY
delightdate.life/	1969-12-31 23:59:59	Name: sid Value: t9~wp0s2k0pegzmuvxil5icf1bk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3hy.online
api.dicebear.com
avatars.dicebear.com
delightdate.life
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h3yhome.online
i.ytimg.com
jnn-pa.googleapis.com
static.addtoany.com
static.doubleclick.net
use.fontawesome.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
jnn-pa.googleapis.com
www.gstatic.com
www.youtube.com
185.155.186.12
194.147.78.42
194.36.177.18
2400:52e0:1e00::1081:1
2606:4700:10::ac43:2794
2606:4700:3037::ac43:8ef5
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2006
2a00:1450:4001:812::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2016
042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08a9702606f636772127c9501fe702614bcbb9da50badab5f8d3035d07ef31ae
0b9c23fee1f8416306943f07c293a232c2be3bbe55793ea45016457029fe56d4
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4
2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525
36965e9e8bf89adbd3d05f86d399af5b1358b7c9d0fda6a8ffa3258090fd44cc
38fe50bca691ab88fecfb3a61b5299f01446d798e38d4cc507d1c45edc3e04ac
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4d3b4d5d99f92dcc1f1c169db00f76aa1dc65d5d82192afcff04cf8a018a7ba1
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
636cdf4819edbb8ff3a3df6833131c8125db1f461820daa3d4ec5fdca0c28f79
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
715c21bf8bc47b4d741023e7f494fe64f2db015cecbf1750795c15e9c6141e17
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7e2a2226302a9266d8b9eb349dac1657fb704376c1904362b85f090585a1f314
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
b0a59cc28632affc6490c5248131315b0c0a2f76ad66951505e38a01276772cb
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da
bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d64259d39864129775a1a42bfebd44c3a02ae14bb8dbfc1b1f84cd720ecb82b3
ddffe4236d68cb7f70d3d3482c9446c496b5f0bccecc4992c32032c921f75e33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

delightdate.life Open in urlscan Pro 185.155.186.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

86 %HTTPS

81 %IPv6

13 Domains

17 Subdomains

16 IPs

4 Countries

2941 kBTransfer

7986 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

delightdate.life Open in urlscan Pro
185.155.186.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

86 %
HTTPS

81 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

2941 kB
Transfer

7986 kB
Size

6
Cookies

79 HTTP transactions
2 data transactions