urlscan.io logo urlscan.io
SecurityTrails logo

nrolucky.top Open in urlscan Pro
103.200.23.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nrolucky.top/
Effective URL: http://nrolucky.top/
Submission: On August 10 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 56 HTTP transactions. The main IP is 103.200.23.120, located in Viet Nam and belongs to VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN. The main domain is nrolucky.top.
This is the only time nrolucky.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    103.200.23.120 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: host120.vietnix.vn
nrolucky.top
8    2607:f8b0:4006:822::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    103.82.32.49 (Viet Nam)

ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)
gamehub.pro
8    2607:f8b0:4006:81f::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2607:f8b0:4006:81c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2607:f8b0:4006:80b::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80f::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2607:f8b0:4006:81d::2006 (Stony Point, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:808::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2607:f8b0:4006:80e::2004 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:806::2016 (Stony Point, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2607:f8b0:4006:817::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4006:809::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2607:f8b0:4006:81d::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 151
263 KB
9 nrolucky.top
nrolucky.top
22 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
976 KB
7 gamehub.pro
gamehub.pro Failed
6 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
50 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
static.doubleclick.net — Cisco Umbrella Rank: 313
6 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 271
31 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
16 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 246
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 120
62 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1216
603 B
56 11
Domain Requested by
9 nrolucky.top nrolucky.top
8 www.youtube.com nrolucky.top
www.youtube.com
8 pagead2.googlesyndication.com nrolucky.top
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 gamehub.pro nrolucky.top
gamehub.pro
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com www.youtube.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com www.youtube.com
tpc.googlesyndication.com
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 partner.googleadservices.com pagead2.googlesyndication.com
56 14

This site contains links to these domains. Also see Links.

Domain
vutindz.000.pe
www.youtube.com
zalo.me
Subject Issuer Validity Valid
nrolucky.top
ZeroSSL RSA Domain Secure Site CA		 2023-07-06 -
2023-10-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 6 frames:

Primary Page: http://nrolucky.top/
Frame ID: 3315185A4D98BDA5DF4E16A6518399C1
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DKKZCrJ-pK8
Frame ID: 38DC1696C35BABA110F16B3A1F90CA80
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230808/r20190131/zrt_lookup.html
Frame ID: 118AF7C5B3E22F4FB0E6911786404F83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5612394638477254&output=html&adk=1812271804&adf=3025194257&lmt=1690761646&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fnrolucky.top%2F&ea=0&pra=5&wgl=1&dt=1691632910375&bpp=7&bdt=577&idt=323&shv=r20230808&mjsv=m202308070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6455220683730&frm=20&pv=2&ga_vid=909842877.1691632911&ga_sid=1691632911&ga_hid=1498750332&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076924%2C44785292&oid=2&pvsid=2176597161087313&tmod=247579834&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=360
Frame ID: 885B1FB5FD56B562A556422F5D7ADC3D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A396B11249AD2B18959EE68DB3F5FED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 092BB0658B73B4BE68270B084D7F4605
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tai Game Java, Wap Tai Game Hay Miễn PhíBình luận

Page URL History Show full URLs

  1. https://nrolucky.top/ Page URL
  2. http://nrolucky.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

56
Requests

71 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

1435 kB
Transfer

4322 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nrolucky.top/ Page URL
  2. http://nrolucky.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nrolucky.top/ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
2253
content-type
text/html
date
Thu, 10 Aug 2023 02:01:47 GMT
last-modified
Sun, 30 Jul 2023 14:00:46 GMT
server
LiteSpeed
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5612394638477254
Requested by
Host: nrolucky.top
URL: https://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nrolucky.top/
Origin
https://nrolucky.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50644
x-xss-protection
0
server
cafe
etag
10333085670345691953
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 02:01:49 GMT
logo%20(1).png
nrolucky.top/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrolucky.top/logo%20(1).png
Requested by
Host: nrolucky.top
URL: https://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:47 GMT
last-modified
Tue, 04 Jul 2023 15:10:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6540
expires
Thu, 17 Aug 2023 02:01:47 GMT
nr.png
gamehub.pro/images/ 		0
0
reg.png
gamehub.pro/images/ 		0
0
icon-gb-1.png
gamehub.pro//images/ 		0
0
style.css
nrolucky.top/ 		365 B
230 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nrolucky.top/style.css
Requested by
Host: nrolucky.top
URL: https://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:47 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 08:52:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
167
expires
Thu, 17 Aug 2023 02:01:47 GMT
main.js
nrolucky.top/ 		2 KB
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nrolucky.top/main.js
Requested by
Host: nrolucky.top
URL: https://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:47 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 08:53:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
568
expires
Thu, 17 Aug 2023 02:01:47 GMT
Primary Request /
nrolucky.top/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://nrolucky.top/
Requested by
Host: nrolucky.top
URL: https://nrolucky.top/
Protocol
HTTP/1.1
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash
d6cb2d99d63a108b324306c206dc31d58c1ad3b5172aeb3d7e091d15508fe89b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
accept-ranges
bytes
content-encoding
gzip
content-length
2604
content-type
text/html
date
Thu, 10 Aug 2023 02:01:48 GMT
last-modified
Sun, 30 Jul 2023 14:00:46 GMT
server
LiteSpeed
vary
Accept-Encoding
style.css
gamehub.pro/theme/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://gamehub.pro/theme/style.css
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
600b88cf7be9c0063fb690245a2519ac3c404a7d7d8f5d4db4165af5ee734c2e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 14:13:39 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"803f6-f67-5b813b25be98c"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1151
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5612394638477254
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b173110a1be462dff8b219e1e073dcf5ef30be8356349e5397cd6f10d1cdb420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nrolucky.top/
Origin
http://nrolucky.top
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50649
x-xss-protection
0
server
cafe
etag
4913683632056663252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 02:01:49 GMT
logo%20(1).png
nrolucky.top/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nrolucky.top/logo%20(1).png
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash
c4e3c034eb6192e7682c35d3b352df25fe8efbf04c5dbfcd48d7b7ddb204d116

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:48 GMT
last-modified
Tue, 04 Jul 2023 15:10:22 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
6540
expires
Thu, 17 Aug 2023 02:01:48 GMT
nr.png
gamehub.pro/images/ 		800 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro/images/nr.png
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
2c5ca7abf9bf00cad3ebf7ae95f10abd33d922e1818eb704c1b9b2a2af68d415

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Sat, 27 Jan 2018 17:31:05 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"890a6-320-563c560b693dd"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
800
reg.png
gamehub.pro/images/ 		559 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro/images/reg.png
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
4e29711aa693e8da47dc38c63c029eb8860fec240c5483b36f8b2c47f40b5afe

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Tue, 04 Apr 2017 15:26:26 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"7fc35-22f-54c58e62b8c80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
559
icon-gb-1.png
gamehub.pro//images/ 		780 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro//images/icon-gb-1.png
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
1285a4d094ea2e3c99d880039f729e21e89533fe051dc30daec7e308bc07fb59

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Sun, 11 Sep 2016 12:49:02 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"7fc20-30c-53c3acdcbab80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
780
style.css
nrolucky.top/ 		365 B
592 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://nrolucky.top/style.css
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash
33b8bd6b965b7feddbf6689ebe5cb9abfcdf625350035a982f4b1e011478219c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:48 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 08:52:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
222
expires
Thu, 17 Aug 2023 02:01:48 GMT
main.js
nrolucky.top/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://nrolucky.top/main.js
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash
13aca33d3b41d6ecf481b7c815af76f6c2dc45a2f8285ab41dd94820d9bf148e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:48 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2023 08:53:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
662
expires
Thu, 17 Aug 2023 02:01:48 GMT
DKKZCrJ-pK8
www.youtube.com/embed/ Frame 38DC 		85 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/DKKZCrJ-pK8
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c632a6b771febf9ad7e51cde7d94c3f5735ebc575e3b285a206945be07759e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nrolucky.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Aug 2023 02:01:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
bg.jpg
nrolucky.top/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nrolucky.top/bg.jpg
Requested by
Host: nrolucky.top
URL: http://nrolucky.top/
Protocol
HTTP/1.1
Server
103.200.23.120 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
host120.vietnix.vn
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 02:01:48 GMT
server
LiteSpeed
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
1238
topbanner.png
gamehub.pro/theme/images/ 		134 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro/theme/images/topbanner.png
Requested by
Host: gamehub.pro
URL: http://gamehub.pro/theme/style.css
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
754f28d32e1ce22a04da34ef9dbc1c8509adcf7f930e2d12ca2126d7c20703c9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gamehub.pro/theme/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Thu, 20 Aug 2015 15:19:47 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"80402-86-51dbfae7deac0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
134
k.png
gamehub.pro/theme/images/ 		250 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro/theme/images/k.png
Requested by
Host: gamehub.pro
URL: http://gamehub.pro/theme/style.css
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
02538fefd33a87ae5855b6bd748b5a9fdbfc9760352e70c290a4e9d23970a61c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gamehub.pro/theme/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Thu, 05 May 2016 17:43:28 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"803fd-fa-5321be13e1000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
250
tmn.gif
gamehub.pro/theme/images/ 		96 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gamehub.pro/theme/images/tmn.gif
Requested by
Host: gamehub.pro
URL: http://gamehub.pro/theme/style.css
Protocol
HTTP/1.1
Server
103.82.32.49 , Viet Nam, ASN38733 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS
Software
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 /
Resource Hash
90c6b088c819f961402b4eb9bb9a55cb3713616a38abd0c964814a6aff11cd57

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gamehub.pro/theme/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 02:01:50 GMT
Last-Modified
Tue, 19 Aug 2014 04:10:12 GMT
Server
Apache/2.2.32 (Unix) mod_ssl/2.2.32 OpenSSL/1.0.1e-fips mod_fcgid/2.3.9
ETag
"80401-60-500f3a9f4d100"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
96
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/ 		372 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5612394638477254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc40d697ed2b1585b3b4bf766f315941aad302ddf604ab520abc118a9031abcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128527
x-xss-protection
0
server
cafe
etag
4657819327654900587
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 10 Aug 2023 02:01:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230808/r20190131/ Frame 118A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230808/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5612394638477254
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nrolucky.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
31563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 17:15:47 GMT
etag
12368291122986407432
expires
Wed, 23 Aug 2023 17:15:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/4eae42b1/ Frame 38DC 		381 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eae42b1/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fb7120979b79e0a6a533d36b67a46b217feef83f4ff49cd765abf42556047d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
206015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49057
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Aug 2024 16:48:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 07:41:31 GMT
x-content-type-options
nosniff
age
498019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:41:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DC 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:39:53 GMT
x-content-type-options
nosniff
age
55317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:39:53 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=nrolucky.top&callback=_gfp_s_&client=ca-pub-5612394638477254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc031e6ca4d8aa95a88728112f07924827e6746a4c967f2f96da8a897bba0240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 885B 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5612394638477254&output=html&adk=1812271804&adf=3025194257&lmt=1690761646&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fnrolucky.top%2F&ea=0&pra=5&wgl=1&dt=1691632910375&bpp=7&bdt=577&idt=323&shv=r20230808&mjsv=m202308070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6455220683730&frm=20&pv=2&ga_vid=909842877.1691632911&ga_sid=1691632911&ga_hid=1498750332&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31076924%2C44785292&oid=2&pvsid=2176597161087313&tmod=247579834&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=360
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nrolucky.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 10 Aug 2023 02:01:50 GMT
expires
Thu, 10 Aug 2023 02:01:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
embed.js
www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/ Frame 38DC 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7447d81ce91d510e0b5f3c403c1f50487496d77742f43b5181e0cffdaf658d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
206014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12921
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Aug 2024 16:48:16 GMT
www-embed-player.js
www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/ Frame 38DC 		312 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce04d0926e3aa679682b9a0e90a44742c1efa4dc06b3105116118242db22de42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
206014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95742
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Aug 2024 16:48:16 GMT
base.js
www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/ Frame 38DC 		2 MB
751 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93ff2a5dccf8aabd6bfeb4802c3e1a83d3ea191df149c554f2de9c53a0516ecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
768959
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Aug 2024 16:48:15 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 38DC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H3
Server
2607:f8b0:4006:81c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39c35baf4a50fe4bcb00d09fea4ae93c61633ac779076b481913f05133ebbf5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 10 Aug 2023 02:01:51 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 38DC 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 01:52:09 GMT
x-content-type-options
nosniff
age
582
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 02:07:09 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 10 Aug 2023 02:01:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 38DC 		68 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d87545f78429a1b1b9b2c0458625a1226d8d5d3e6ebd9d17756eda9bc76becb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31750
x-xss-protection
0
remote.js
www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/ Frame 38DC 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60ae0ce0c1196898c9617fa165155dd7deb916a47b7e8802a05fc2ce507ae098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
206015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33503
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 01:46:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Aug 2024 16:48:16 GMT
Ofi-maixvOccNjdU-TqjMECG8HqNf8sOF2eVZdTtiDE.js
www.google.com/js/th/ Frame 38DC 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Ofi-maixvOccNjdU-TqjMECG8HqNf8sOF2eVZdTtiDE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39f8be99a8b1bce71c363754f93aa3304086f07a8d7fcb0e17679565d4ed8831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
113499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14711
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 18:30:12 GMT
sddefault.jpg
i.ytimg.com/vi/DKKZCrJ-pK8/ Frame 38DC 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/DKKZCrJ-pK8/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2016 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f549991e7ca1fc557af2d1a3961aa57f897f6cd4dcaa61bfb4cc4564457f6c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63188
x-xss-protection
0
server
sffe
etag
"1689608429"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 10 Aug 2023 04:01:51 GMT
truncated
/ Frame 38DC 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
AI-pMLsD68igrmoz9cJ56XKC-Fgm_5Xp3br-aQHOiQbJndsCeoazKfMW1uU2FkP39mJO2OVM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 38DC 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/AI-pMLsD68igrmoz9cJ56XKC-Fgm_5Xp3br-aQHOiQbJndsCeoazKfMW1uU2FkP39mJO2OVM=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a2a4bac4ca0d235d2ed5ceb1e1369bce1a95f4a1fe928db8f24e3cca5c7f0bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2335
x-xss-protection
0
expires
Fri, 11 Aug 2023 02:01:51 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DC 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 15:54:37 GMT
x-content-type-options
nosniff
age
36434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 15:54:37 GMT
KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 38DC 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 10:35:24 GMT
x-content-type-options
nosniff
age
55587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5224
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 10:35:24 GMT
generate_204
www.youtube.com/ Frame 38DC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?U7wXzg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/DKKZCrJ-pK8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 10 Aug 2023 02:01:51 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 38DC 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b8952ea1d66fdb3cdd472cca47fd69d02197d070807f78d522a66d5bfb80d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 10 Aug 2023 02:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 38DC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 02:01:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230808&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5717ff89b9aa42dc22f0beadef28ef5a46a1c57e3c8a33b4bba81bcb0faf416c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11653
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 02:01:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A39 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://nrolucky.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
114517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 18:13:15 GMT
expires
Wed, 07 Aug 2024 18:13:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 092B 		783 B
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9d8148fb6154cf67d5f6a1c166b91e2bb2882141b37fd91498e7cd8f56127260
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H6u1gP4RQfW_M8UbNHpDXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://nrolucky.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-H6u1gP4RQfW_M8UbNHpDXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 10 Aug 2023 02:01:52 GMT
expires
Thu, 10 Aug 2023 02:01:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
pagead2.googlesyndication.com/bg/ Frame 7A39 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 06:14:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
157639
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 12:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 06:14:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 092B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230808&jk=2176597161087313&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7A39 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KPPy5Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 02:01:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5612394638477254&su=nrolucky.top&eid=44759842%2C44759927%2C44759876%2C31076924%2C44785292&doc=complete&pg_h=970&pg_w=1600&pg_hs=1200&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 02:01:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230808&jk=2176597161087313&bg=!WVqlWg7NAAaiGN5Pghg7ADkAdvg8WntPHYqQScDQVGooxPtGCJlGbC78jM-N5EUVIewBHRHOqlP5Ks6nIvAr4mwuTtsm6jIIm9UCAAAAnlIAAAALaAEHCgANokM5U-6RK_tpMjPkPZkCzCssoWfDlgZKzDcZFI0mFyPoppzGC7P1uJ7WyNAD1sXFM7OcMgbFlbO_2INHMuFmovv3SFl2BSm0V48rk0AZU4cL3kJievCmx0bYw4kC8gD_6XeZYek-hz1JqPG8VPXYF3b9-xNV_gT5ELUI34Ug32PdwV3T9rEyaDDgFF2lYPiDWFpVo6mxj9Wn-uAa8sBka2LqhC6StFLRVy_sQMIV3ca3zx60Mgnk3QVlF-wZr7jj1CFsrxI3AsiKWUwRHagyuNIRisPZsF5c505e_ch8lOUnyz_P52anJFnhg7AEYdwh9XboCGVPcOusBpmyx89g-SGHi4AlIjLi4BPTTxJW0DLg4zbIJKlxcXaHy1hAHQD5lqPEwtER7BhtKOBgc-lUIToz34f5Po8N3vzLhY9YaPmCEnfTF5aW9vSQRy3BVmCA7SeI9M22mLIOwzwCjHqsxAyECc6goJcJbJ4ksP4X_eJRQNDJOdjRm5DFE7fN9iZ3qGPZ90I130fmnoJIDRXrCiJQ94iZ2lYkmFGkJ_6EW4ycp0y-rXr_s2gwN7UkfcYe1TKiNw4St55vuDAUfmT9_H8KQMWXRJvz-7Kf8nfFqYESsDn_yNB7xefWbHlc18kZuLiXikRDNPUdM7UqmKYrC6B_LeVQpzSZadJZN1Ql-0J9QQSgms3TX_bOfxX_xWQh5GyiOWDCi9u4x3O2AtyOqxXmzW-JOaGziS9C91GbRPmsBe-qN_2gUWf6sstG5Vh7MVt7oeey3U9LSnYe1c48GsLNf5t8Sd3dIf4Nvl-4kP76HDCCKONoCrjVGjurv12Eksf31mssYQUycHhj0LjbeXaQUJPaqTuGRiZ8qA4ztO7Gt-3QZ1V_STUcaxlHOh_V_V0j6Xxohxpx-M7KdC_ycQ9lEyYW1J1McpRlRQkPv3CjseDjKKAtBu8-igbmm3xwg5gk-oR1YB_dD7hi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://nrolucky.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame 38DC 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eae42b1/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
X-Goog-Request-Time
1691632913990
Content-Type
application/json
X-YouTube-Utc-Offset
-600
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/DKKZCrJ-pK8
X-YouTube-Client-Version
1.20230806.00.00
X-YouTube-Time-Zone
Pacific/Honolulu
X-Goog-Visitor-Id
Cgs4bTFtc05oSlZjNCiOitGmBjIICgJVUxICGgA%3D
X-YouTube-Ad-Signals
dt=1691632910868&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 10 Aug 2023 02:01:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gamehub.pro
URL
https://gamehub.pro/images/nr.png
Domain
gamehub.pro
URL
https://gamehub.pro/images/reg.png
Domain
gamehub.pro
URL
https://gamehub.pro//images/icon-gb-1.png

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| showComments function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: c8lAu7CWbPc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 8m1msNhJVc4
.nrolucky.top/ Name: __gads
Value: ID=93fb8dc55171e3ff-22b9794795e3002c:T=1691632910:RT=1691632910:S=ALNI_MZr71VS8Ev1xc_-jDAP_XQTaN8QZA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nrolucky.top/ Name: __gpi
Value: UID=00000d89eade8011:T=1691632910:RT=1691632910:S=ALNI_MYm2EL3B_656Zq_q3tA6eZ9JZleCg

9 Console Messages

Source Level URL
Text
security warning URL: https://nrolucky.top/
Message:
Mixed Content: The page at 'https://nrolucky.top/' was loaded over HTTPS, but requested an insecure element 'http://gamehub.pro/images/nr.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nrolucky.top/
Message:
Mixed Content: The page at 'https://nrolucky.top/' was loaded over HTTPS, but requested an insecure element 'http://gamehub.pro/images/reg.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nrolucky.top/
Message:
Mixed Content: The page at 'https://nrolucky.top/' was loaded over HTTPS, but requested an insecure element 'http://gamehub.pro//images/icon-gb-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nrolucky.top/
Message:
Mixed Content: The page at 'https://nrolucky.top/' was loaded over HTTPS, but requested an insecure element 'http://gamehub.pro//images/icon-gb-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://nrolucky.top/
Message:
Mixed Content: The page at 'https://nrolucky.top/' was loaded over HTTPS, but requested an insecure element 'http://gamehub.pro//images/icon-gb-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: http://nrolucky.top/(Line 15)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other warning URL: http://nrolucky.top/(Line 83)
Message:
Unrecognized feature: 'web-share'.
network error URL: http://nrolucky.top/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
gamehub.pro
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
nrolucky.top
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
gamehub.pro
103.200.23.120
103.82.32.49
2607:f8b0:4006:806::2016
2607:f8b0:4006:808::200a
2607:f8b0:4006:809::2003
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2006
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02538fefd33a87ae5855b6bd748b5a9fdbfc9760352e70c290a4e9d23970a61c
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
1285a4d094ea2e3c99d880039f729e21e89533fe051dc30daec7e308bc07fb59
13aca33d3b41d6ecf481b7c815af76f6c2dc45a2f8285ab41dd94820d9bf148e
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2c5ca7abf9bf00cad3ebf7ae95f10abd33d922e1818eb704c1b9b2a2af68d415
33b8bd6b965b7feddbf6689ebe5cb9abfcdf625350035a982f4b1e011478219c
39c35baf4a50fe4bcb00d09fea4ae93c61633ac779076b481913f05133ebbf5e
39f8be99a8b1bce71c363754f93aa3304086f07a8d7fcb0e17679565d4ed8831
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fb7120979b79e0a6a533d36b67a46b217feef83f4ff49cd765abf42556047d8
4b8952ea1d66fdb3cdd472cca47fd69d02197d070807f78d522a66d5bfb80d12
4e29711aa693e8da47dc38c63c029eb8860fec240c5483b36f8b2c47f40b5afe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5717ff89b9aa42dc22f0beadef28ef5a46a1c57e3c8a33b4bba81bcb0faf416c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
600b88cf7be9c0063fb690245a2519ac3c404a7d7d8f5d4db4165af5ee734c2e
60ae0ce0c1196898c9617fa165155dd7deb916a47b7e8802a05fc2ce507ae098
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7447d81ce91d510e0b5f3c403c1f50487496d77742f43b5181e0cffdaf658d6a
754f28d32e1ce22a04da34ef9dbc1c8509adcf7f930e2d12ca2126d7c20703c9
90c6b088c819f961402b4eb9bb9a55cb3713616a38abd0c964814a6aff11cd57
93ff2a5dccf8aabd6bfeb4802c3e1a83d3ea191df149c554f2de9c53a0516ecf
9d8148fb6154cf67d5f6a1c166b91e2bb2882141b37fd91498e7cd8f56127260
a2a4bac4ca0d235d2ed5ceb1e1369bce1a95f4a1fe928db8f24e3cca5c7f0bec
b173110a1be462dff8b219e1e073dcf5ef30be8356349e5397cd6f10d1cdb420
c4e3c034eb6192e7682c35d3b352df25fe8efbf04c5dbfcd48d7b7ddb204d116
c632a6b771febf9ad7e51cde7d94c3f5735ebc575e3b285a206945be07759e41
cc031e6ca4d8aa95a88728112f07924827e6746a4c967f2f96da8a897bba0240
ce04d0926e3aa679682b9a0e90a44742c1efa4dc06b3105116118242db22de42
d6cb2d99d63a108b324306c206dc31d58c1ad3b5172aeb3d7e091d15508fe89b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87545f78429a1b1b9b2c0458625a1226d8d5d3e6ebd9d17756eda9bc76becb1
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f549991e7ca1fc557af2d1a3961aa57f897f6cd4dcaa61bfb4cc4564457f6c4a
fc40d697ed2b1585b3b4bf766f315941aad302ddf604ab520abc118a9031abcf