urlscan.io logo urlscan.io
SecurityTrails logo

loilevi.tk Open in urlscan Pro
104.21.84.84  Public Scan

Go To Rescan Add Verdict Report
URL: https://loilevi.tk/
Submission Tags: krdprod
Submission: On September 21 via api from JP — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 20 HTTP transactions. The main IP is 104.21.84.84, located in and belongs to CLOUDFLARENET, US. The main domain is loilevi.tk.
TLS certificate: Issued by R3 on September 21st 2021. Valid for: 3 months.
This is the only time loilevi.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.84.84 13335 (CLOUDFLAR...)
1 1 172.67.157.157 13335 (CLOUDFLAR...)
1 104.21.22.204 13335 (CLOUDFLAR...)
9 216.58.212.174 15169 (GOOGLE)
2 142.250.185.99 15169 (GOOGLE)
1 2 142.250.186.98 15169 (GOOGLE)
1 142.250.185.134 15169 (GOOGLE)
1 142.250.185.228 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
1 142.250.185.86 15169 (GOOGLE)
2 172.217.16.131 15169 (GOOGLE)
20 11
1    104.21.84.84 (None, )

ASN13335 (CLOUDFLARENET, US)
loilevi.tk
1    172.67.157.157 (United States)

ASN13335 (CLOUDFLARENET, US)
tutomoviles.com
1    104.21.22.204 (None, )

ASN13335 (CLOUDFLARENET, US)
apsachieveonline.org
9    216.58.212.174 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f174.1e100.net
www.youtube.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
2    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
static.doubleclick.net
1    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
yt3.ggpht.com
1    142.250.185.86 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f22.1e100.net
i.ytimg.com
2    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
www.gstatic.com
Domain Requested by
9 www.youtube.com loilevi.tk
www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 apsachieveonline.org loilevi.tk
1 tutomoviles.com 1 redirects
1 loilevi.tk
20 11

This site contains no links.

Subject Issuer Validity Valid
*.loilevi.tk
R3		 2021-09-21 -
2021-12-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-12 -
2022-07-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://loilevi.tk/
Frame ID: 80674E6BC34F7FC7F65646514FD0B0A8
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/snOwfxWiOvs
Frame ID: AEB0B120429A6DD10B770753E8C986F5
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WhatsApp Spy aplikacija. Å ta je WhatsApp? Kako pratiti poruke na WhatsApp-u

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

2
Countries

832 kB
Transfer

2701 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tutomoviles.com/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg HTTP 302
  • https://apsachieveonline.org/in/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
Request Chain 7
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
loilevi.tk/ 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://loilevi.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.84.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c289901f7a083f1d038fc1891ebe754f8dc30f5c0243fadd0d515ebcbc6cb23

Request headers

:method
GET
:authority
loilevi.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
content-type
text/html; charset=UTF-8
set-cookie
ch1c=b
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4ULksF9yxqDYOwS43VSSawBlDgJZ6Bt0mrvuePt3JVuNk008cjuZ6JPj6oZi0SaDLeuCZzjSfcQEzn4Joy6N%2Bl8yTu6BGqHrMNelUv%2FsYad32rf8npo1ZQklrTR"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
692609f9abc1f9d2-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
apsachieveonline.org/in/wp-content/uploads/2020/01/
Redirect Chain
  • https://tutomoviles.com/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
  • https://apsachieveonline.org/in/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apsachieveonline.org/in/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
Requested by
Host: loilevi.tk
URL: https://loilevi.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.22.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4392cf65bc1ac1b648401ce30499ba24ab297316b8d5a5e9156e4345c52fc4a9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://loilevi.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1502
strict-transport-security
max-age=10886400; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
53705
x-xss-protection
1; mode=block
last-modified
Sun, 22 Nov 2020 14:36:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFiy0X7QBBH4FMwRn%2FysnIeTJs0d1e96t3HQ4o8WjbutlEUagevuBlm1Yx54Ep0zRp8Rmv9KwMnA7%2BuvoHiJ%2FcOgY5qKJSBCJ5%2BFiGUQcGMSOgjD4AR3Q9gHfTP1IeXI5yNGAwklhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
692609fd8c5e0610-FRA
expires
Thu, 21 Oct 2021 20:03:14 GMT

Redirect headers

date
Tue, 21 Sep 2021 20:28:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M5wMtr0lLT%2BEB6Q0pkFfeyvkBWjgMqs7jwRqOPpkpTB6gpGD8HBeWmL%2FhyKrSZyXfbQMaTR0l3zzg3KN2IhIlHSJDm%2FapwDde7ZWUKu%2Ba6LXe2%2FsGtpPgvxJq9JUvzgUJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://apsachieveonline.org/in/wp-content/uploads/2020/01/1580216886_519_20-Aplikasi-Mata-Mata-Android-Terbaik-tahun-2020-yang-Akan-Membuat.jpg
cache-control
max-age=14400
cf-ray
692609faa91d2780-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 21 Sep 2021 20:28:16 GMT
snOwfxWiOvs
www.youtube.com/embed/ Frame AEB0 		57 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/snOwfxWiOvs
Requested by
Host: loilevi.tk
URL: https://loilevi.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
ESF /
Resource Hash
7f0120f7063580468ae4c2593b4b5795938c24b9ef8ad1b33b95f8755bb31eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/snOwfxWiOvs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://loilevi.tk/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://loilevi.tk/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 21 Sep 2021 20:28:16 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=wc0ewg5M4EU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=yWVwvDeoEYo; Domain=.youtube.com; Expires=Sun, 20-Mar-2022 20:28:16 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/202721c6/ Frame AEB0 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:45:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
103340
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46356
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:45:56 GMT
www-embed-player.js
www.youtube.com/s/player/202721c6/www-embed-player.vflset/ Frame AEB0 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
103418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67318
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:38 GMT
base.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame AEB0 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
103405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517198
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:51 GMT
fetch-polyfill.js
www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/ Frame AEB0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
103418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AEB0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:07:47 GMT
x-content-type-options
nosniff
age
40829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Sep 2022 09:07:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame AEB0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3706b742905f45c93e7881dc8f578a28d59a8262ad11fdb959038489fb0e51a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 21 Sep 2021 20:28:16 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame AEB0 		29 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:24:16 GMT
x-content-type-options
nosniff
age
240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Sep 2021 20:39:16 GMT
remote.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame AEB0 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
103405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29973
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:44:51 GMT
EhtG_94iehnKzbpb0ZP_cXwu_teREljuRPBK4VQXoHY.js
www.google.com/js/th/ Frame AEB0 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/EhtG_94iehnKzbpb0ZP_cXwu_teREljuRPBK4VQXoHY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
sffe /
Resource Hash
121b46ffde227a19cacdba5bd193ff717c2efed7911258ee44f04ae15417a076
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 05:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
573489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13037
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 15 Sep 2022 05:10:07 GMT
embed.js
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame AEB0 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
sffe /
Resource Hash
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:45:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
103346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7353
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 00:16:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Sep 2022 15:45:50 GMT
truncated
/ Frame AEB0 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSDjT8V5qSn2BtC_atLdOMkQ7i1iLq1v9mnUqn94Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame AEB0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSDjT8V5qSn2BtC_atLdOMkQ7i1iLq1v9mnUqn94Q=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
fife /
Resource Hash
85fa9db19ba57f0d29a359d5302ebf0a8bb530b7ef053b4ff7904e159369fc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 16:39:46 GMT
x-content-type-options
nosniff
age
13710
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2047
x-xss-protection
0
server
fife
etag
"v1008"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 29 Aug 2021 15:42:32 GMT
sddefault.webp
i.ytimg.com/vi_webp/snOwfxWiOvs/ Frame AEB0 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/snOwfxWiOvs/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f22.1e100.net
Software
sffe /
Resource Hash
c1f6919d937cd5ba1e8203c15b6951bed4e8fb944ad711c13725165abc176935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30066
x-xss-protection
0
server
sffe
etag
"1516226850"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Sep 2021 22:28:16 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AEB0 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 07:03:13 GMT
x-content-type-options
nosniff
age
221103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 07:03:13 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame AEB0 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview"
expires
Tue, 21 Sep 2021 20:28:16 GMT
generate_204
www.youtube.com/ Frame AEB0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Nelgxg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/snOwfxWiOvs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/snOwfxWiOvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 20:28:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame AEB0 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 07:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15359
x-xss-protection
0
last-modified
Mon, 12 Jul 2021 15:09:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 22 Sep 2021 07:46:18 GMT
log_event
www.youtube.com/youtubei/v1/ Frame AEB0 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f174.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/snOwfxWiOvs
X-YouTube-Client-Version
1.20210919.0.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt5V1Z3dkRlb0VZbyjggKmKBg%3D%3D
X-YouTube-Ad-Signals
dt=1632256096481&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKrnuMqY31CgxX5_cBZYkSSFMHmk4NrPsq1Ioqmw58wYR6oikG4xm0dgVVpmjixEQeA7OD97YiNS0Htv1BMOJCV26GQloQ

Response headers

date
Tue, 21 Sep 2021 20:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster

4 Cookies

Domain/Path Name / Value
loilevi.tk/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: wc0ewg5M4EU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: yWVwvDeoEYo
.doubleclick.net/ Name: IDE
Value: AHWqTUlU7jWxc4aV4tlWJYAWIX7tKn2Ongj3QbBVeU88n4xyFFGW9K8-56wl97Q5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apsachieveonline.org
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
loilevi.tk
static.doubleclick.net
tutomoviles.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.22.204
104.21.84.84
142.250.185.134
142.250.185.193
142.250.185.228
142.250.185.86
142.250.185.99
142.250.186.98
172.217.16.131
172.67.157.157
216.58.212.174
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
121b46ffde227a19cacdba5bd193ff717c2efed7911258ee44f04ae15417a076
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4392cf65bc1ac1b648401ce30499ba24ab297316b8d5a5e9156e4345c52fc4a9
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
7c289901f7a083f1d038fc1891ebe754f8dc30f5c0243fadd0d515ebcbc6cb23
7f0120f7063580468ae4c2593b4b5795938c24b9ef8ad1b33b95f8755bb31eff
85fa9db19ba57f0d29a359d5302ebf0a8bb530b7ef053b4ff7904e159369fc5f
c1f6919d937cd5ba1e8203c15b6951bed4e8fb944ad711c13725165abc176935
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3706b742905f45c93e7881dc8f578a28d59a8262ad11fdb959038489fb0e51a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9