old.ciuhannorpruckmole.cf Open in urlscan Pro
2606:4700:3034::ac43:c01f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://old.ciuhannorpruckmole.cf/
Submission: On January 10 via api (January 10th 2023, 1:12:41 pm UTC) from US — Scanned from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3034::ac43:c01f, located in United States and belongs to CLOUDFLARENET, US. The main domain is old.ciuhannorpruckmole.cf.

This is the only time old.ciuhannorpruckmole.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::ac43:c01f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:213d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.67.64.21 54.67.64.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:1400:d::... 2600:1400:d::1721:ee08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
2	82.165.135.156 82.165.135.156	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2006	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2016	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
31	17

1 2606:4700:3034::ac43:c01f (United States)

ASN13335 (CLOUDFLARENET, US)

old.ciuhannorpruckmole.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:213d (United States)

ASN13335 (CLOUDFLARENET, US)

www.roadonmap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.67.64.21 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-64-21.us-west-1.compute.amazonaws.com

c8.alamy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d::1721:ee08 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:820::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

image.isu.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.165.135.156 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: s21209103.onlinehome-server.info

www.singlesover60.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.singlesover50.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80a::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2016 (Nutley, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	830 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127 jnn-pa.googleapis.com — Cisco Umbrella Rank: 323	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 393	1 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	19 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 204	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	15 KB
1	singlesover50.co.za www.singlesover50.co.za	13 KB
1	singlesover60.co.za www.singlesover60.co.za	44 KB
1	isu.pub image.isu.pub — Cisco Umbrella Rank: 68571	166 KB
1	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 1780	20 KB
1	alamy.com c8.alamy.com — Cisco Umbrella Rank: 33202	161 KB
1	roadonmap.com www.roadonmap.com	13 KB
1	ciuhannorpruckmole.cf old.ciuhannorpruckmole.cf	27 KB
31	14

	Domain	Requested by
9	www.youtube.com	old.ciuhannorpruckmole.cf www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.singlesover50.co.za	old.ciuhannorpruckmole.cf
1	www.singlesover60.co.za	old.ciuhannorpruckmole.cf
1	image.isu.pub	old.ciuhannorpruckmole.cf
1	i.pinimg.com	old.ciuhannorpruckmole.cf
1	c8.alamy.com	old.ciuhannorpruckmole.cf
1	www.roadonmap.com	old.ciuhannorpruckmole.cf
1	fonts.googleapis.com	old.ciuhannorpruckmole.cf
1	old.ciuhannorpruckmole.cf
31	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.alamy.com GeoTrust RSA CA 2018	`2022-06-16` - `2023-06-16`	a year	crt.sh
i2.pinimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-05-14`	10 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.isu.pub GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-30` - `2023-11-01`	a year	crt.sh
singlesover60.co.za R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
singlesover50.co.za R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://old.ciuhannorpruckmole.cf/
Frame ID: 9E0796D57535314CFD94DEE7D21394F9
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/e9PslDILww0
Frame ID: CBED3F57C73A3F1565E6604BF364A75C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vryheid, KwaZulu-Natal, South Africa Weather

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

84 %
HTTPS

88 %
IPv6

14
Domains

17
Subdomains

17
IPs

2
Countries

1435 kB
Transfer

3788 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

31 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
old.ciuhannorpruckmole.cf/ 80 KB
27 KB 622ms
316ms Document
text/html 2606:4700:3034::ac43:c01f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://old.ciuhannorpruckmole.cf/
Protocol: HTTP/1.1
Server: 2606:4700:3034::ac43:c01f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a798c9ebf12ec2f20617207c28ae590d51d2e5a4793d7354abda8e3f6f11acd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7875aa1babb9dabd-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 10 Jan 2023 13:12:29 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0g60cFJz99LU6mvU9ExZk3nFILfZoPhEZ5XczXZoOel1%2BNjsarC8bsSjZ05J1sMG5YKOLSFdiXrqsh%2BRN8GthBVEiVJuL6zEKWT8JKnrpXsMTBAaDRjByuSboC6Hfd4IxddGAet7kdGqwog4latenw6PHeQI56j"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 195ms
80ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/

Protocol

HTTP/1.1

Server

2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 10 Jan 2023 13:12:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 10 Jan 2023 12:08:09 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 10 Jan 2023 13:12:29 GMT

GET
H2 200 za%E2%80%94where-is%E2%80%94431%E2%80%94kwazulu_natal.jpg
www.roadonmap.com/images/ 13 KB
13 KB 438ms
295ms Image
image/jpeg 2606:4700:3033::6815:213d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.roadonmap.com/images/za%E2%80%94where-is%E2%80%94431%E2%80%94kwazulu_natal.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:213d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 755e719f72fbebeed8ec0c62ca22b364fa4c0d1e5df7e0afe9190af160d58c8a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:29 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Jan 2023 13:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEInkFn8Ms%2FA2xDIFVK50%2BUTVTKBmhm4Fj9Rxbk4NKLS%2FMtaQwAo%2FhmBDMJ6YW9pMdvthiXDb2VMvl6M4R%2BsxR1cxyqx5U1yr9WkXj%2BNxf5jtGT7ePhY5SFCKqAok06jsnTKaTpbJcvY1yS6PzlKvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7875aa1ed81402e0-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 willowmore-south-africa-march-23-2017-road-signs-on-the-n9-road-at-J0M073.jpg
c8.alamy.com/comp/J0M073/ 161 KB
161 KB 548ms
209ms Image
image/jpeg 54.67.64.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c8.alamy.com/comp/J0M073/willowmore-south-africa-march-23-2017-road-signs-on-the-n9-road-at-J0M073.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.64.21 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-64-21.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1212386a81b042ff985d1db8907e6ce59a047b773be52f6eac88cc9226ba9407

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 Jan 2023 13:12:29 GMT
cache-control: max-age=604800
last-modified: Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
content-type: image/jpeg

GET
H2 200 d3d84d97006275aad9b01fbc902fd1af.jpg
i.pinimg.com/474x/d3/d8/4d/ 20 KB
20 KB 542ms
208ms Image
image/jpeg 2600:1400:d::1721:ee08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/474x/d3/d8/4d/d3d84d97006275aad9b01fbc902fd1af.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:ee08 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 961101317696fb5723b601f4d100262fc1a675e1633b5e90261ed5d2b9c929e5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.04ee2117.1673356349.18292e1b
etag: "2944db0b8d2881d4aca1f79f99d5e341"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 20073

GET
H2 200 e9PslDILww0 Show response
www.youtube.com/embed/ Frame CBED 70 KB
29 KB 493ms
202ms Document
text/html 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/e9PslDILww0

Requested by

Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04c4b1e43f5f4191ac998082c76d527d2c42e4cf19b6b502f0ce3330c9fe1045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://old.ciuhannorpruckmole.cf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 13:12:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 page_1_thumb_large.jpg
image.isu.pub/180201072642-4224a85ac609ed349bae64bf5567a3b7/jpg/ 166 KB
166 KB 309ms
186ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.isu.pub/180201072642-4224a85ac609ed349bae64bf5567a3b7/jpg/page_1_thumb_large.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 092fc35583e8ccfad17003f176314533cffb835ff781baad23ac6f4e44a07bc1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:29 GMT
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: Q4GGSKKMD1QB6M9M
age: 0
x-cache: MISS, MISS
content-length: 169842
x-amz-id-2: ebjtMtrV+UirBuziUYK8mBERccsCMzwm+sBW6/bW7mXOdTLyhrEk4x3+nLiu6DzZLmpBc+pEF/s=
x-served-by: cache-iad-kjyo7100173-IAD, cache-mia11366-MIA
last-modified: Thu, 01 Feb 2018 07:34:08 GMT
server: AmazonS3
x-timer: S1673356349.386865,VS0,VE117
etag: "1dd142b76da0b132437dc19e2bc1915d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK what-is-online-dating.jpg
www.singlesover60.co.za/images/ 43 KB
44 KB 1362ms
184ms Image
image/jpeg 82.165.135.156
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.singlesover60.co.za/images/what-is-online-dating.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.165.135.156 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: s21209103.onlinehome-server.info
Software: Apache / PleskLin
Resource Hash: 0e7e2d6622f1c9d6dd662f1fe5bd458b8dc59e78da9ccb31435c82bb518b19be

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 10 Jan 2023 13:12:30 GMT
Last-Modified: Wed, 27 Mar 2019 15:23:11 GMT
Server: Apache
ETag: "ad23-5851503fe37a5"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 44323

GET
H/1.1 200
OK singles-over-50-za-social.jpg
www.singlesover50.co.za/images/ 13 KB
13 KB 1381ms
158ms Image
image/jpeg 82.165.135.156
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.singlesover50.co.za/images/singles-over-50-za-social.jpg
Requested by: Host: old.ciuhannorpruckmole.cf
URL: http://old.ciuhannorpruckmole.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.165.135.156 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: s21209103.onlinehome-server.info
Software: Apache / PleskLin
Resource Hash: 805834fb6ff809a7aebceed15f4b035e38f2ac0f2d900d7b423f3c3be80f9cb7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://old.ciuhannorpruckmole.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 10 Jan 2023 13:12:30 GMT
Last-Modified: Wed, 27 Mar 2019 16:14:44 GMT
Server: Apache
ETag: "34af-58515bc5d5cf6"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Cache-Control: max-age=63072000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13487

GET
H/1.1 200
OK jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 178ms
105ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://old.ciuhannorpruckmole.cf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 07 Jan 2023 08:17:35 GMT
X-Content-Type-Options: nosniff
Age: 276894
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 27268
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 18:56:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 07 Jan 2024 08:17:35 GMT

GET
H/1.1 200
OK jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v13/ 30 KB
31 KB 179ms
104ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/librefranklin/v13/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efe16fd64edb961d670fd35ee4a211ec22cb9e2fa6850cbbf13464dace1b39e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://old.ciuhannorpruckmole.cf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 09:04:52 GMT
X-Content-Type-Options: nosniff
Age: 446857
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30628
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 18:55:36 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 05 Jan 2024 09:04:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/d759e46a/ Frame CBED 360 KB
49 KB 78ms
74ms Stylesheet
text/css 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:40 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d759e46a/www-embed-player.vflset/ Frame CBED 341 KB
107 KB 152ms
149ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c5f44b8a3a7eeca67537acc0adf028a587c3a5ab68e6d0c836156a75f83b28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109234
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:50 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/ Frame CBED 2 MB
597 KB 213ms
212ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55c388f3486b54a74fafd7ba5f40d60e89eb66269f2ee4cf00235207c2105793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611140
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:40 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/ Frame CBED 9 KB
3 KB 242ms
240ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CBED 15 KB
16 KB 680ms
67ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:59:51 GMT
x-content-type-options: nosniff
age: 594759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 Jan 2024 15:59:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CBED 15 KB
15 KB 711ms
99ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 16:47:01 GMT
x-content-type-options: nosniff
age: 591929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 16:47:01 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CBED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

286ms
101ms

XHR
application/json

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f500410c0b5d9a35f2087e4ad553ecc546748317e4cffe5185b5cc4e40f49345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 10 Jan 2023 13:12:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CBED 29 B
588 B 258ms
70ms Script
text/javascript 2607:f8b0:4006:820::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:05:08 GMT
x-content-type-options: nosniff
age: 442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Jan 2023 13:20:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 276ms
72ms Preflight
text/html 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 Jan 2023 13:12:31 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CBED 66 KB
30 KB 247ms
101ms XHR
application/json+protobuf 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e6f09cbf95068280f9455921f2ae6ea71df6ce192215949dd9bbd89dece0857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 Jan 2023 13:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30979
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/ Frame CBED 119 KB
36 KB 75ms
73ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0320f36b1a5e364f4fe4815392755d3f6213756ca73488b67d6a02a514bda358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37182
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:40 GMT

GET
H2 200 YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js Show response
www.google.com/js/th/ Frame CBED 36 KB
15 KB 261ms
76ms Script
text/javascript 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/YkfklCtf3s5-_1quWHAnTHHVaBZ-i7ToAeXFpu3i2Ro.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 03:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14349
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 03:31:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/ Frame CBED 26 KB
8 KB 88ms
82ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef1566b2eb2bfbc0d3fbaa9fb06903cb330fec0965665a70009f93c2187518a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 18:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8332
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 01:16:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 18:40:51 GMT

GET
DATA 200
OK truncated
/ Frame CBED 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu_FP4j49jiJaATLas63voBfV0RpPJccqtwTVb-0kw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CBED 3 KB
4 KB 293ms
89ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu_FP4j49jiJaATLas63voBfV0RpPJccqtwTVb-0kw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f041514ed3a3cfe1828dcf98829a8a87247d0e5032287a00c3603e9976396abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 10:15:03 GMT
x-content-type-options: nosniff
age: 10648
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3503
x-xss-protection: 0
server: fife
etag: "v392"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 18 Dec 2022 01:49:48 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/e9PslDILww0/ Frame CBED 19 KB
19 KB 310ms
119ms Image
image/webp 2607:f8b0:4006:80d::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/e9PslDILww0/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/e9PslDILww0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2016 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad80d24c852e4d648db3343908c9537de9fcc2a6ff3362d90cd5c543fa0ffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19346
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 10 Jan 2023 15:12:31 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CBED 90 B
134 B 76ms
76ms XHR
application/json+protobuf 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b1b879f35bf91827715456c4500323d89e39fd97b1fe09d511880e3590fe4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 10 Jan 2023 13:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 73ms
72ms Preflight
text/html 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 10 Jan 2023 13:12:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame CBED 0
10 B 86ms
85ms Image
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RzGCyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/e9PslDILww0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CBED 4 KB
3 KB 546ms
81ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 13:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Jan 2023 13:12:33 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CBED 28 B
50 B 89ms
88ms XHR
application/json 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d759e46a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1673356354209
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/e9PslDILww0
X-YouTube-Client-Version: 1.20230108.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiV1dJVDNGcmNkRSi9yPWdBg%3D%3D
X-YouTube-Ad-Signals: dt=1673356350194&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 10 Jan 2023 13:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
old.ciuhannorpruckmole.cf/	1969-12-31 23:59:59	Name: ch1c Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WLvhC72jgpY
.youtube.com/	1970-01-20 13:08:28	Name: VISITOR_INFO1_LIVE Value: bWWIT3FrcdE
.youtube.com/	1970-01-20 13:08:28	Name: DEVICE_INFO Value: ChxOekU0TnpBeE1EYzVOVE0wTVRNd056YzBOdz09EL3I9Z0GGL3I9Z0G

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c8.alamy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.pinimg.com
i.ytimg.com
image.isu.pub
jnn-pa.googleapis.com
old.ciuhannorpruckmole.cf
static.doubleclick.net
www.google.com
www.gstatic.com
www.roadonmap.com
www.singlesover50.co.za
www.singlesover60.co.za
www.youtube.com
yt3.ggpht.com
2600:1400:d::1721:ee08
2606:4700:3033::6815:213d
2606:4700:3034::ac43:c01f
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2016
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::2006
2607:f8b0:4006:820::200e
2a04:4e42:200::622
54.67.64.21
82.165.135.156
0320f36b1a5e364f4fe4815392755d3f6213756ca73488b67d6a02a514bda358
04c4b1e43f5f4191ac998082c76d527d2c42e4cf19b6b502f0ce3330c9fe1045
092fc35583e8ccfad17003f176314533cffb835ff781baad23ac6f4e44a07bc1
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0e7e2d6622f1c9d6dd662f1fe5bd458b8dc59e78da9ccb31435c82bb518b19be
1212386a81b042ff985d1db8907e6ce59a047b773be52f6eac88cc9226ba9407
1c5f44b8a3a7eeca67537acc0adf028a587c3a5ab68e6d0c836156a75f83b28d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
55c388f3486b54a74fafd7ba5f40d60e89eb66269f2ee4cf00235207c2105793
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad80d24c852e4d648db3343908c9537de9fcc2a6ff3362d90cd5c543fa0ffcf
5b1b879f35bf91827715456c4500323d89e39fd97b1fe09d511880e3590fe4b4
5ef1566b2eb2bfbc0d3fbaa9fb06903cb330fec0965665a70009f93c2187518a
6247e4942b5fdece7eff5aae5870274c71d568167e8bb4e801e5c5a6ede2d91a
629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
755e719f72fbebeed8ec0c62ca22b364fa4c0d1e5df7e0afe9190af160d58c8a
7e6f09cbf95068280f9455921f2ae6ea71df6ce192215949dd9bbd89dece0857
805834fb6ff809a7aebceed15f4b035e38f2ac0f2d900d7b423f3c3be80f9cb7
961101317696fb5723b601f4d100262fc1a675e1633b5e90261ed5d2b9c929e5
a798c9ebf12ec2f20617207c28ae590d51d2e5a4793d7354abda8e3f6f11acd1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efe16fd64edb961d670fd35ee4a211ec22cb9e2fa6850cbbf13464dace1b39e2
f041514ed3a3cfe1828dcf98829a8a87247d0e5032287a00c3603e9976396abf
f500410c0b5d9a35f2087e4ad553ecc546748317e4cffe5185b5cc4e40f49345
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

old.ciuhannorpruckmole.cf Open in urlscan Pro 2606:4700:3034::ac43:c01f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

31 Requests

84 %HTTPS

88 %IPv6

14 Domains

17 Subdomains

17 IPs

2 Countries

1435 kBTransfer

3788 kBSize

4 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

old.ciuhannorpruckmole.cf Open in urlscan Pro
2606:4700:3034::ac43:c01f Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

84 %
HTTPS

88 %
IPv6

14
Domains

17
Subdomains

17
IPs

2
Countries

1435 kB
Transfer

3788 kB
Size

4
Cookies

31 HTTP transactions
1 data transactions