urlscan.io logo urlscan.io
SecurityTrails logo

secured-login.net Open in urlscan Pro
3.231.232.165  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K...
Effective URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2c...
Submission: On February 16 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 3.231.232.165, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is secured-login.net. The Cisco Umbrella rank of the primary domain is 103832.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 27th 2023. Valid for: a year.
This is the only time secured-login.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Phishing Simulation (Internet)

Domain & IP information

1    2600:9000:2127:3000:1e:9997:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
url.avanan.click
6    3.231.232.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-232-165.compute-1.amazonaws.com
chase.com-onlinebanking.com
secured-login.net
1    52.216.61.49 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
helpimg.s3.amazonaws.com
1    2606:4700::6810:6fd1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
8    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1009 KB
5 secured-login.net
secured-login.net — Cisco Umbrella Rank: 103832
777 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 230
41 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 271
1 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 218
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
11 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
1 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 9835
5 KB
1 amazonaws.com
helpimg.s3.amazonaws.com — Cisco Umbrella Rank: 139135
60 KB
1 com-onlinebanking.com
chase.com-onlinebanking.com — Cisco Umbrella Rank: 189291
851 B
1 avanan.click
url.avanan.click — Cisco Umbrella Rank: 75797
607 B
29 12
Domain Requested by
8 www.youtube.com secured-login.net
www.youtube.com
5 secured-login.net chase.com-onlinebanking.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 cdn2.hubspot.net secured-login.net
1 helpimg.s3.amazonaws.com secured-login.net
1 chase.com-onlinebanking.com
1 url.avanan.click 1 redirects
29 14

This site contains links to these domains. Also see Links.

Domain
www.knowbe4.com
Subject Issuer Validity Valid
secured-login.net
Amazon RSA 2048 M02		 2023-07-27 -
2024-08-24		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2023-04-06 -
2024-04-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Frame ID: E33F4A306B3DB0770E03067601CC5C0E
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Frame ID: 4DC61A6699121FF20D97BC6D4A7EE1AB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqS... HTTP 302
    https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc... Page URL
  2. https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

29
Requests

97 %
HTTPS

85 %
IPv6

12
Domains

14
Subdomains

13
IPs

2
Countries

1976 kB
Transfer

6898 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803___.YXAzOmlub2FjdXNhOmE6bzo1NzZjNDc2YjlhZDA5NWQwMjRkNWE4ZjNmNWNmYTU4NTo2OjU2Y2U6NjgyOGIxNDU2YmMxYWQ0NDc1YjY3ZTQxMGQ4YmE2ZGFjOWNkMWE2MThkNmU3ZjY0MWI1ODQ3MjZkNWQ3NjA5NDpoOlQ HTTP 302
    https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803 Page URL
  2. https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803___.YXAzOmlub2FjdXNhOmE6bzo1NzZjNDc2YjlhZDA5NWQwMjRkNWE4ZjNmNWNmYTU4NTo2OjU2Y2U6NjgyOGIxNDU2YmMxYWQ0NDc1YjY3ZTQxMGQ4YmE2ZGFjOWNkMWE2MThkNmU3ZjY0MWI1ODQ3MjZkNWQ3NjA5NDpoOlQ HTTP 302
  • https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
Request Chain 14
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndx...
chase.com-onlinebanking.com/
Redirect Chain
  • https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBM...
  • https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15...
452 B
851 B 		Document
General
Check archive.org
Download Go to
Full URL
https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
452
content-security-policy
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 15:49:34 GMT
etag
W/"8cac9a9c7bd288363d35c3d24081ac10"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63113904; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
25a3f7db-e77a-4b12-bc6e-8d6e25856fe7
x-runtime
0.066841
x-xss-protection
0

Redirect headers

apigw-requestid
TPGSTgHtoAMEYUA=
content-length
0
date
Fri, 16 Feb 2024 15:49:34 GMT
location
https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-id
U-2wQgVJYYzWs_SLNugsw_1q2jAM8OrtYOeiPluAiHp1gBkVKLSvSQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
Primary Request XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndx...
secured-login.net/pages/ab41ecbd4fa/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Requested by
Host: chase.com-onlinebanking.com
URL: https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
776d868e1a924338524d7edf48f7c4e7983068c360ee33cc97e574218141333b
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
4106
content-security-policy
content-type
text/html; charset=utf-8
date
Fri, 16 Feb 2024 15:49:38 GMT
etag
W/"776d868e1a924338524d7edf48f7c4e7"
link
</assets/landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903.css>; rel=preload; as=style; nopush,</assets/application-1fad17ce0880f978206c332819cfbcf1a9232d0ff44aace838815115cb62d62b.js>; rel=preload; as=script; nopush,</packs/js/vendor-954761ad0dceb106b971.js>; rel=preload; as=script; nopush,</assets/modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js>; rel=preload; as=script; nopush
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63113904; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
6d6a6ea1-e338-4111-9456-f23b6dcf5e2d
x-runtime
2.675493
x-xss-protection
0
landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903.css
secured-login.net/assets/ 		1 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secured-login.net/assets/landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
16f13e16a7ef02fb6f94250aa1931ded83dbee5d9fad278e33dd5792d085194f
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:38 GMT
content-encoding
gzip
strict-transport-security
max-age=63113904; includeSubDomains; preload
last-modified
Fri, 16 Feb 2024 14:35:15 GMT
content-length
415
vary
accept-encoding
content-type
text/css
application-1fad17ce0880f978206c332819cfbcf1a9232d0ff44aace838815115cb62d62b.js
secured-login.net/assets/ 		3 MB
750 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secured-login.net/assets/application-1fad17ce0880f978206c332819cfbcf1a9232d0ff44aace838815115cb62d62b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
80df024ef21842ec1064fd7bacc3b5c01cb2499f18ed1f8cc65def2771bdcb48
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:38 GMT
content-encoding
gzip
strict-transport-security
max-age=63113904; includeSubDomains; preload
last-modified
Fri, 16 Feb 2024 14:35:14 GMT
content-length
767054
vary
accept-encoding
content-type
application/javascript
vendor-954761ad0dceb106b971.js
secured-login.net/packs/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secured-login.net/packs/js/vendor-954761ad0dceb106b971.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
84a3d35500bed24eb5a54d480ceec5a1e3f096f2b62eb312b1931880f5d5a4ac
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:38 GMT
content-encoding
br
strict-transport-security
max-age=63113904; includeSubDomains; preload
last-modified
Fri, 16 Feb 2024 15:29:42 GMT
content-length
6049
vary
accept-encoding
content-type
application/javascript
modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js
secured-login.net/assets/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secured-login.net/assets/modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.232.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-232-165.compute-1.amazonaws.com
Software
/
Resource Hash
ee94dda0af1fc5c5045741b39e54136015365eedca34095f1d3c666998bb442d
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:38 GMT
content-encoding
gzip
strict-transport-security
max-age=63113904; includeSubDomains; preload
last-modified
Fri, 16 Feb 2024 15:28:47 GMT
content-length
15720
vary
accept-encoding
content-type
application/javascript
thin-orange-header.png
helpimg.s3.amazonaws.com/landing_pages/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://helpimg.s3.amazonaws.com/landing_pages/thin-orange-header.png
Requested by
Host: secured-login.net
URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.61.49 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d30bc059081f6e9647e60fc1a3650222405a7e0b910a44c0645053a4139fa9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Fri, 16 Feb 2024 15:49:39 GMT
x-amz-version-id
EifVQrxRYe4WQirKDkCTcFSwCZ6MktNH
Last-Modified
Wed, 17 Mar 2021 21:13:19 GMT
Server
AmazonS3
x-amz-request-id
PWTVDSVF8TR81XEC
ETag
"2cc192249dd59954f8c661ee5acc067a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
61177
x-amz-id-2
N9MFgSfiVRRM+/TEjhlFJkaTNx3b+Gh2j1xH7ZHCTE4lFim/ofdL4CYqiikQWtRAjuResSKwCXA=
KB4-logo.png
cdn2.hubspot.net/hubfs/241394/html_file/files/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.hubspot.net/hubfs/241394/html_file/files/img/KB4-logo.png
Requested by
Host: secured-login.net
URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271b8163a3ccda0ea83d4a13814a97d1fc2797c57fb363ca7d0e95e5e0df8a7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-3711502880,P-241394,FLS-ALL
age
679338
x-amz-request-id
Z4YF3V2N8TFKPV1T
edge-cache-tag
F-3711502880,P-241394,FLS-ALL
content-disposition
inline; filename="KB4-logo.webp"
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
cf-bgj
imgq:85,h2pri
etag
"20f88cb052864ef047cbf095e46a23b0"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Fri, 16 Feb 2024 15:49:38 GMT
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
g7nBhtlZ35jy1YqAk.ii5vduFHLTKp1W
x-amz-cf-pop
FRA56-P7
cf-polished
origFmt=png, origSize=5864
x-cache
Miss from cloudfront
cache-tag
F-3711502880,P-241394,FLS-ALL
alt-svc
h3=":443"; ma=86400
content-length
4156
x-amz-id-2
dtAUBvuim8VUd9wNDmOGB1epAUIh2NsnVC4dMcDgqfd7RX0nHPVjY+0kDHAlz7KNlGNyZZOWc8w=
last-modified
Fri, 06 Oct 2017 17:40:18 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaqLKa4uo9TeZtpjLvn79%2F3ygPhcfdeWsfyE5FADfL%2BxgudrFkZbPfkkWr1Buc3%2FCkMtxB%2BMfNEI2k78gxDEFifQwVCKwDPGgH5XmP32p7%2B3RGH08PoxfZlARYKX6yfcWdzeQZMJnYG6iv7eRM8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
8566f112dc453719-FRA
x-amz-cf-id
jGILt_5LsycfMhqtt3N-fg-BXJS59ZJsBT_Y2m991VprC36t61qZRw==
oHg5SJYRHA0
www.youtube.com/embed/ Frame 4DC6 		91 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Requested by
Host: secured-login.net
URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16679cd8ae43b90a0be9f2e813144359eefa57e79713abfe1a8f70b5b642ea2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Feb 2024 15:49:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/5683fc5e/ Frame 4DC6 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 13:31:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
8266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48183
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Feb 2025 13:31:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4DC6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
284358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4DC6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
283225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:09:14 GMT
embed.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
199028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16886
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:32:31 GMT
www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 4DC6 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 02:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
49223
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96927
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 15 Feb 2025 02:09:16 GMT
base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 		2 MB
778 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795740
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:32:31 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4DC6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ab6e4eba28d29fd6895a376ba2678b11cdb127af54dd6ec03bad3cdbc854ad3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Feb 2024 15:49:39 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4DC6 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:42:15 GMT
x-content-type-options
nosniff
age
444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Feb 2024 15:57:15 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 16 Feb 2024 15:49:39 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DC6 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8797ed355bd910a9d420abea1c000cf6aed12c4d5d866c77f64824aa2a9f4d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 16 Feb 2024 15:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41157
x-xss-protection
0
remote.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 		118 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
198987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34032
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:33:12 GMT
jKwdeMg5eTlKLUq1BicdQ3joNHiQFKykZS_8AKWMVTU.js
www.google.com/js/th/ Frame 4DC6 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/jKwdeMg5eTlKLUq1BicdQ3joNHiQFKykZS_8AKWMVTU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cac1d78c83979394a2d4ab506271d4378e834789014aca4652ffc00a58c5535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 16:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
83226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19989
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 14 Feb 2025 16:42:33 GMT
hqdefault.jpg
i.ytimg.com/vi/oHg5SJYRHA0/ Frame 4DC6 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/oHg5SJYRHA0/hqdefault.jpg?sqp=-oaymwEmCOADEOgC8quKqQMa8AEB-AG-AoAC8AGKAgwIABABGFogVShlMA8=&rs=AOn4CLCJ9RIh-_gj3a0W8l6CngMsNnW1aQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2fc54d4d5c84c4955ccba737396d18c6e3e2adc5c9f788b56f270fb82cbf8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:30:50 GMT
x-content-type-options
nosniff
age
1129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10611
x-xss-protection
0
server
sffe
etag
"1638202551"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 16 Feb 2024 17:30:50 GMT
truncated
/ Frame 4DC6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZTsiujrJ4ksiu6w08OvGOwF9QHmJolUrtJJVqj-=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4DC6 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZTsiujrJ4ksiu6w08OvGOwF9QHmJolUrtJJVqj-=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
de243522428e66605f0a4ed987c61fd431cc98d27dfb2e39cd30365a54522298
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 14:43:52 GMT
x-content-type-options
nosniff
age
3947
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3386
x-xss-protection
0
server
fife
etag
"v26"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 17 Feb 2024 14:43:52 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4DC6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 15:49:39 GMT
generate_204
www.youtube.com/ Frame 4DC6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?zNpVTA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 15:49:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DC6 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
22a2eb955dc453c4f3d5a7df1481fbcd89a70151d618496c3480756e1d613387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 16 Feb 2024 15:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 16 Feb 2024 15:49:40 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame 4DC6 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:34:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 16 Feb 2024 17:34:54 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4DC6 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708098582102
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtLbk4zTzdCZWdfayiTiL6uBjIKCgJERRIEEgAgDg%3D%3D
X-YouTube-Ad-Signals
dt=1708098579499&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C480%2C360&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 16 Feb 2024 15:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Phishing Simulation (Internet)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| _extends function| _typeof function| FlatpickrInstance function| _flatpickr function| flatpickr function| updateQueryStringParameter function| getParam function| colSort function| $ function| jQuery object| jQuery112408407226285613394 function| proj4 object| Routes function| moment object| FullCalendar function| _ object| ZeroClipboard_TableTools object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| html5 object| Modernizr object| gon object| kb4

3 Cookies

Domain/Path Name / Value
url.avanan.click/ Name: x-cloud-sec-ctp
Value: ad0eeb32-8e89-4d50-82af-8ae6332d3195
.youtube.com/ Name: YSC
Value: Z3pPgfaO7sI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KnN3O7Beg_k

16 Console Messages

Source Level URL
Text
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=63113904; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn2.hubspot.net
chase.com-onlinebanking.com
fonts.gstatic.com
googleads.g.doubleclick.net
helpimg.s3.amazonaws.com
i.ytimg.com
jnn-pa.googleapis.com
secured-login.net
static.doubleclick.net
url.avanan.click
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2600:9000:2127:3000:1e:9997:2240:93a1
2606:4700::6810:6fd1
2a00:1450:4001:806::2004
2a00:1450:4001:809::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2016
3.231.232.165
52.216.61.49
16679cd8ae43b90a0be9f2e813144359eefa57e79713abfe1a8f70b5b642ea2b
16f13e16a7ef02fb6f94250aa1931ded83dbee5d9fad278e33dd5792d085194f
22a2eb955dc453c4f3d5a7df1481fbcd89a70151d618496c3480756e1d613387
271b8163a3ccda0ea83d4a13814a97d1fc2797c57fb363ca7d0e95e5e0df8a7c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d30bc059081f6e9647e60fc1a3650222405a7e0b910a44c0645053a4139fa9a
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ab6e4eba28d29fd6895a376ba2678b11cdb127af54dd6ec03bad3cdbc854ad3
776d868e1a924338524d7edf48f7c4e7983068c360ee33cc97e574218141333b
80df024ef21842ec1064fd7bacc3b5c01cb2499f18ed1f8cc65def2771bdcb48
84a3d35500bed24eb5a54d480ceec5a1e3f096f2b62eb312b1931880f5d5a4ac
8797ed355bd910a9d420abea1c000cf6aed12c4d5d866c77f64824aa2a9f4d0f
8cac1d78c83979394a2d4ab506271d4378e834789014aca4652ffc00a58c5535
995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7
a2fc54d4d5c84c4955ccba737396d18c6e3e2adc5c9f788b56f270fb82cbf8f0
a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5
adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de243522428e66605f0a4ed987c61fd431cc98d27dfb2e39cd30365a54522298
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee94dda0af1fc5c5045741b39e54136015365eedca34095f1d3c666998bb442d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660