bloxscripts.co Open in urlscan Pro
2606:4700:3030::ac43:d647 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Submission: On October 28 via api (October 28th 2023, 5:50:37 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 45 HTTP transactions. The main IP is 2606:4700:3030::ac43:d647, located in United States and belongs to CLOUDFLARENET, US. The main domain is bloxscripts.co.
TLS certificate: Issued by GTS CA 1P5 on September 12th 2023. Valid for: 3 months.

This is the only time bloxscripts.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3030::ac43:d647	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:891e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:202... 2600:9000:2022:9c00:1d:7a2b:ec0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:89ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.132.28 172.64.132.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.174.25 52.222.174.25	16509 (AMAZON-02) (AMAZON-02)
2	104.21.11.156 104.21.11.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:813::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
45	21

8 2606:4700:3030::ac43:d647 (United States)

ASN13335 (CLOUDFLARENET, US)

bloxscripts.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:891e (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2022:9c00:1d:7a2b:ec0:21 (United States)

ASN16509 (AMAZON-02, US)

d1ytalcrl612d7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.132.28 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-25.cdg50.r.cloudfront.net

townrusisedprivat.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.11.156 (None, )

ASN13335 (CLOUDFLARENET, US)

ivedmanyyea.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com 1 redirects youtube.com — Cisco Umbrella Rank: 46 www.youtube.com — Cisco Umbrella Rank: 68	991 KB
8	bloxscripts.co bloxscripts.co	156 KB
7	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 24 www.google.com — Cisco Umbrella Rank: 2	18 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	34 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	95 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	ivedmanyyea.org ivedmanyyea.org	786 B
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 31227	101 KB
2	cloudfront.net d1ytalcrl612d7.cloudfront.net	55 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	22 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110
1	townrusisedprivat.info townrusisedprivat.info	538 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6454	178 KB
1	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 8545	665 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
45	16

	Domain	Requested by
8	www.youtube.com	bloxscripts.co www.youtube.com
8	bloxscripts.co	bloxscripts.co
6	accounts.google.com	4 redirects bloxscripts.co
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	ivedmanyyea.org	bloxscripts.co
2	pogothere.xyz	d1ytalcrl612d7.cloudfront.net
2	d1ytalcrl612d7.cloudfront.net	bloxscripts.co d1ytalcrl612d7.cloudfront.net
2	fonts.googleapis.com	bloxscripts.co
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	youtube.com	1 redirects
1	www.facebook.com	bloxscripts.co
1	townrusisedprivat.info	d1ytalcrl612d7.cloudfront.net
1	js.hsforms.net	bloxscripts.co
1	fonts.cdnfonts.com	bloxscripts.co
1	cdnjs.cloudflare.com	bloxscripts.co
45	21

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
bstlar.com
bloxflip.com
youtu.be

Subject Issuer	Validity	Valid
bloxscripts.co GTS CA 1P5	`2023-09-12` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
townrusisedprivat.info Amazon RSA 2048 M03	`2023-10-12` - `2024-11-09`	a year	crt.sh
ivedmanyyea.org E1	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Frame ID: B84D5E0DBD53063A2A19AF43A78CC882
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BjVgAfsvRUM
Frame ID: 27A50E18F3BA1AF3FFC65FD22420E4D3
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bloxscripts

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

93 %
HTTPS

86 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

1656 kB
Transfer

5388 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@bloxscripts2121
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://bstlar.com/1t/jailbroken
Title: Click Here

Search URL Search Domain Scan URL

URL: https://bloxflip.com/a/bloxscripts
Title: Click Here

Search URL Search Domain Scan URL

URL: https://youtu.be/KovXxP_neWI
Title: Click Here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyFK3zGZJRRQqiVNRNxLkSU_R7JB8PvlsoHTsqMXjFBm3QqYwHsF3a_x83qrV2vmueXpBXk HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyySMXCJCetQGoRWbJw14ua1HcBZzo9zo5v7MV5WwLfNktpVvrfl0GUCIruwWjH87dU3uZEx&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1475890219%3A1698515432129488&theme=glif

Request Chain 15

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyy3RaKeKnrOGAlv6tijVE7Cit8dOcfB3G-sm2dC2fnBa0yVL4mFVNbF2mIPy2NNfb09do7r HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy_nSCGNu-sK1G3odbSY0cW874A7FBL1fG3XRSZcOz3zACD1tqyCS3_gOgGdipkcnIXh1BH&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-351961027%3A1698515432089281&theme=glif

Request Chain 24

https://youtube.com/embed/BjVgAfsvRUM HTTP 301
https://www.youtube.com/embed/BjVgAfsvRUM

Request Chain 31

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request BjVgAfsvRUM Show response
bloxscripts.co/v/ 1 KB
1 KB 294ms
229ms Document
text/html 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237e507a7cbd07c295a907ee2bcf8da9fc1a3fdf69d96173059763b2ccadeb08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, content-type
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d5058608686acb-FRA
content-encoding: br
content-type: text/html
date: Sat, 28 Oct 2023 17:50:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsYqlZV0OSthGdVeQPVvh73hrWobUddCipEp1GOQcjnY42Kntw043pCOdC69mqgG84%2Bg6gF2BfdpweWlS9qaiqd4gRRJvMz5FsNOopwICDfZflx%2FbKUShBLwpsKJe7ANqPYI5UXFgzgznv0aDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 99ms
49ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6314065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDotJZGW0NSZTI7g3Hu9ykBx499pQoleps5Ej%2BF3z9QuHBnAG0e0pgpsKK9rxxhXZAB6nPfPylwurXhK%2FfI4QZFuzCUeTeDIdbOXF3Bb09X5m3WJyv5Eo5elGdW2tVyfSULeCBbZyIj0f3ieMcFG6uno"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81d50587dacd1cbb-FRA
expires: Thu, 17 Oct 2024 17:50:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 88ms
33ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap

Requested by

Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9f090e1862122c66bdda163938585e5196eb8dde771332843ec3133bbfd81fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 17:50:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 17:50:31 GMT

GET
H2 200 minecraft-4
fonts.cdnfonts.com/css/ 169 B
665 B 92ms
32ms Stylesheet
text/css 2606:4700:e2::ac40:891e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/minecraft-4
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:891e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af0f0a4830eea6783c00aa425504cc694842ec9406c57748c28480ff4afc645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9548039
cf-polished: origSize=204
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Jul 2023 05:36:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YXC%2BS3U3ZqC7DPWFYqeLJXU1RLrxtvygwbJPi3bcziUJt3zN6%2Bwvxony2sdbG%2BOt8SYJhL3O3npLnvVerQ80%2BA3mQFLQ5JtEZ685oYcpsUgFffqn7idn%2B2apU6bKdQN9czf2vgz2eaIOr%2BNOsSgt3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 81d50587ed624dba-FRA

GET
H2 200 / Show response
d1ytalcrl612d7.cloudfront.net/ 164 KB
54 KB 286ms
196ms Script
text/plain 2600:9000:2022:9c00:1d:7a2b:ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ytalcrl612d7.cloudfront.net/?latyd=975567
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:9c00:1d:7a2b:ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 82289fd849573c7839ecb7f5a67ff134c9f66119690b71f916fb1a587f7c1bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: gzip
via: 1.1 cd89ff2afb5d679fe3dbf35f3872a5b2.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 54753
x-amz-cf-id: NOdJrKkiderm3qugF-_ats3JXTLCfHA_uV9w4NFFqIEK0-DEGpP7eA==

GET
H2 404 ksdjgfks.js
bloxscripts.co/v/ 0
0 229ms
228ms Script
text/html 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/v/ksdjgfks.js
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Tcw%2B7f0bo26in9ZpZR6%2FLVOgjB2A3eLIuIBB5zmIF%2FYvTuAORxIPoXwywih9PIcOBwpO%2B6UeNufRxhkKT3EzUXTV0n%2BTXOth7kk02XnIL3tO6Sxh9JGJUk8SxTM61oyY%2BWVJuX%2Byf%2BjhdRDpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 81d505878aec6acb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 558 KB
178 KB 97ms
38ms Script
application/javascript 2606:4700::6810:89ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65a9f49faa9d19684f4e5a4d625b8fa846e7b0c42d00708d54d8cd01522c82bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-encoding: br
age: 475
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4060/bundles/project-v2.js&cfRay=81d4f9ec89381c40-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a2c86253a5123256bbe0d435091efaec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4060/bundles/project-v2.js
date: Sat, 28 Oct 2023 17:50:31 GMT
x-amz-version-id: EY48f1SSIu_moF6LRQ1fnE.VdXzMn5bK
via: 1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: c56d9106-6e73-443e-a526-f0f9da896bab
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: c56d9106-6e73-443e-a526-f0f9da896bab
last-modified: Thu, 26 Oct 2023 13:53:14 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt3qtoc%2FmjlmI7t81qhKnzxc%2FA%2Ft2CROcK%2BvWvu1imuDyVkMJd17MzCOoJXQaAD2OMhnmupTk9q7pEayH5BU1DEBqgno6vxAUIMZmApt6WWICPY6j5DTvd4jJKZZnMmbdk0TCSV9Nc3dVOIG"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-hjsqm
cf-ray: 81d50587ef8d929b-FRA
x-amz-cf-id: KMsYj_ZKRj1GFJLzIER1A36cBM-NgqHfFFRYnxJauYmqImVGxdEpPA==

GET
H2 200 regsw.js Show response
bloxscripts.co/ 282 B
507 B 224ms
223ms Script
application/javascript 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/regsw.js
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f52b25daed630fb6129a1356b9ff7a9c4ccb70441209fca3ab8dfb0930fcf8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 12:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRKYmpv7M%2Bl52s%2BDKkl2uiFoIoUmNB7vvtgDZ0DFbVhPGJYVMYr1%2F%2BUHYs7uhzJ3438cRWhQih5Rrl6XWEiLK42FgRMxmHGXYXB3XIOn4LBd5QfXKhvatcFCtTSjMuVEWzqAnr8RoFGgrzbx4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81d505878aed6acb-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.d1f47465.js Show response
bloxscripts.co/static/js/ 177 KB
58 KB 521ms
520ms Script
application/javascript 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/static/js/main.d1f47465.js
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 444ee3fc0304ce401d74bf72e5d4004e77031c70c40e18862514ed016a222e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 13:11:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXqxrWgHEnAuuwbFmxenBlo69yfztbGG95O2d%2FbkkFVeP04YW9jgBX%2BHawpxidoUoflUkZjFDEzQm4HTumVq8VjsdAYcElsiyW2ItouyWnIXkxYzBBnR%2FpleyhuKb1dfLZqlib%2BanRW4xmI0GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81d5058989709268-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.2cb8328a.css
bloxscripts.co/static/css/ 95 KB
64 KB 399ms
398ms Stylesheet
text/css 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/static/css/main.2cb8328a.css
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec52d8a4fbf33d2f02b717db9e63dfaebf7e18811540d9b05a9a46df1407800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:31 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 12:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORxyH8HonPN56fV2o%2FRGF0VvIOHdB7OFGkIFiSw8WNupYeo33RKb25S6rCzpswBwLu1T0M%2FJnWhphtoVAkTrJEvYhk63qo4CTMG7NBJduM9R60%2FEvkzH%2FMYjcquIHsoUSkLvNE0WKp0nlnDp%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81d505878aea6acb-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 269ms
215ms Fetch
binary/octet-stream 172.64.132.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1ytalcrl612d7.cloudfront.net
URL: https://d1ytalcrl612d7.cloudfront.net/?latyd=975567
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 28 Oct 2023 13:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bloxscripts.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFxakLVgNu5MgZNp7ideAkDDToFr63bK8AErz7iKqNDjz0jA%2FNN9uyo%2FzjQSAp2qplKSepcmSGOLFcm%2FSrgikV5KztvDqqeXWysaLpdGGtnjflAyDKQ%2Ft1BT1H4lgWa9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 81d50589e93035df-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 27 B
614 B 170ms
116ms Fetch
text/plain 172.64.132.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1ytalcrl612d7.cloudfront.net
URL: https://d1ytalcrl612d7.cloudfront.net/?latyd=975567
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1868b7e1759b12bb09cf2c87d5dc39172c2a883828936319360b7b9538abe65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E8Gu9ApoNOs6gZaPIZJvAAJkRyMPrMe2ouYY96Qr8rFBV1fXXWV51aBnPXCLvNwh4aZ7XAiPcQSe76xrqzp6qjFu%2FYihpthHhhRB3XCkLfDv4J3MR%2FY4v%2B1u4B848IN"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bloxscripts.co
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 81d50589e92d35df-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
townrusisedprivat.info/ 0
538 B 181ms
112ms XHR
text/plain 52.222.174.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://townrusisedprivat.info/utx?cb=qomcc7jw2DCI&top=bloxscripts.co&tid=975567
Requested by: Host: d1ytalcrl612d7.cloudfront.net
URL: https://d1ytalcrl612d7.cloudfront.net/?latyd=975567
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.174.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-25.cdg50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Oct 2023 17:50:32 GMT
via: 1.1 8e20810f1edd66323991c4412691bb48.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: CDG50-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bloxscripts.co
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: agLVyfuweATp6Or4jdIWe0CUqfG9wKgUqFGI8JibpxveT7wZY4rVtQ==

GET
H2 204 CQV6
ivedmanyyea.org/SzZOMDZkCS1DCypxPgZlDAcfaGMBQRZcQhFiIAVgE3A+e1UNRWhEXy8LdwcDfgB5FkYiUnMBEDhCL0RDOAt/Fl8lUCENED0Lfx4Ffxh9BBh7EDsNB21CPlFRdgdoQEI/WnMBAHIOewEDfwV/ 0
257 B 184ms
128ms Image
text/plain 104.21.11.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivedmanyyea.org/SzZOMDZkCS1DCypxPgZlDAcfaGMBQRZcQhFiIAVgE3A+e1UNRWhEXy8LdwcDfgB5FkYiUnMBEDhCL0RDOAt/Fl8lUCENED0Lfx4Ffxh9BBh7EDsNB21CPlFRdgdoQEI/WnMBAHIOewEDfwV/CQV6
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.11.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrdTVFDQnGS%2BZzYPsFkG1njVxKpkopN3i8QLaNluOFWq2Uv8bD%2FJ9kvZnqAuj4XCe7%2B91N83SiMo13FDK%2B3pyBBWsii1hKkbj3MA%2BLkkiUi77k2fJc8E2CAyBvHBH3rUjIQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81d5058a1b53913a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 408ms
363ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyyFK3zGZJRRQqiVNRNxLkSU_R7JB8PvlsoHTsqMXjFBm3QqYwHsF3a_x83...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyySMXCJCetQGoRWbJw14ua1HcBZzo9zo5v7MV5WwLfNktpVvrfl0GUCIruwWjH87dU3uZEx&passive=...

0
0

45ms
45ms

Image
text/html

2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyySMXCJCetQGoRWbJw14ua1HcBZzo9zo5v7MV5WwLfNktpVvrfl0GUCIruwWjH87dU3uZEx&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1475890219%3A1698515432129488&theme=glif
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H3
Server: 2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

date: Sat, 28 Oct 2023 17:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-Kw9maEqwqmmP9ogLerYXmw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyySMXCJCetQGoRWbJw14ua1HcBZzo9zo5v7MV5WwLfNktpVvrfl0GUCIruwWjH87dU3uZEx&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1475890219%3A1698515432129488&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyy3RaKeKnrOGAlv6tijVE7Cit8dOcfB3G-sm2dC2fnBa0yVL4mFVNb...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy_nSCGNu-sK1G3odbSY0cW874A7FBL1fG3XRSZcOz3zACD1tqyCS3_gOgGdipkcnIXh1BH&passive...

0
0

42ms
41ms

Image
text/html

2a00:1450:4001:813::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy_nSCGNu-sK1G3odbSY0cW874A7FBL1fG3XRSZcOz3zACD1tqyCS3_gOgGdipkcnIXh1BH&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-351961027%3A1698515432089281&theme=glif
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H3
Server: 2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

date: Sat, 28 Oct 2023 17:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-QcFBLOPiDO2dKwQUJo6QVw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy_nSCGNu-sK1G3odbSY0cW874A7FBL1fG3XRSZcOz3zACD1tqyCS3_gOgGdipkcnIXh1BH&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-351961027%3A1698515432089281&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
ivedmanyyea.org/ 35 B
529 B 94ms
38ms Image
image/gif 104.21.11.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivedmanyyea.org/popunder.gif
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.11.156 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: public
date: Sat, 28 Oct 2023 17:50:32 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 13:32:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101864
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUDSa%2B4UVyQsCgQZmsakK67W8pmHZvdR6FcNOBdcKdKgWS6d7sgQv7aPaP1sU3dH3yY%2BLSwm41KXsR2S31KhUkWqLjuqbXNF64jPZmezcSgUl6orShkKtrnA2CGMa30vKxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 81d5058a1b59913a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
988 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: bloxscripts.co
URL: https://bloxscripts.co/static/css/main.2cb8328a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 28 Oct 2023 16:05:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Oct 2023 17:50:32 GMT

GET
H2 200 XQjJYUkMhXTY0fDZbPG96dQdtZHRkWCs9LTIPHD8OAUNtFS0vczpnAXQULCgnfwB+PiIsVWV0JixRZWNlI1Y6b3NkRig9KH9cLiE1OF82KDs0FC0zfi9dIjsvLlN9YAV3HGh3cXIaLzstJl0vIWZwAjYmZnACaWJtchdrEGZwAi87LXQGfWEBZwBoKnV2G3-1gcyN... Show response
d1ytalcrl612d7.cloudfront.net/ 806 B
839 B 199ms
198ms Script
text/plain 2600:9000:2022:9c00:1d:7a2b:ec0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ytalcrl612d7.cloudfront.net/XQjJYUkMhXTY0fDZbPG96dQdtZHRkWCs9LTIPHD8OAUNtFS0vczpnAXQULCgnfwB+PiIsVWV0JixRZWNlI1Y6b3NkRig9KH9cLiE1OF82KDs0FC0zfi9dIjsvLlN9YAV3HGh3cXIaLzstJl0vIWZwAjYmZnACaWJtchdrEGZwAi87LXQGfWEBZwBoKnV2G3-1gcyNCKD4mNVc6OSo2F2oUdnEFdmF1ZwBoeigqRjU+ZnBxfWBzLlszN2ZwAj83ICldcXdxclEwICwvV31gBXMDYHxzbAdha3BsA2llZnACKzMlI0Axd3EEB2tlbXEEfid+cwFha3J7BmhkcnoAYGV2cA
Requested by: Host: d1ytalcrl612d7.cloudfront.net
URL: https://d1ytalcrl612d7.cloudfront.net/?latyd=975567
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2022:9c00:1d:7a2b:ec0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dc5b4568ac4ffb204b712e7c6a87fe84a16bb8a4c40a1c1e3a95bbae31bfaa8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: gzip
via: 1.1 cd89ff2afb5d679fe3dbf35f3872a5b2.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 562
x-amz-cf-id: g-jT76d9greWJOBbT2dmgQdiX8wpIaT1Q_QD_dUaS7wKblPmspSzTA==

GET
H3 200 data.json Show response
bloxscripts.co/ 305 KB
16 KB 229ms
229ms Fetch
application/json 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/data.json?tid=934606
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/static/js/main.d1f47465.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb13dcb0f6c43606692a4bee3497b7371d99c941e2d51f239656ae6aa5e485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhsY%2FAfilnYOaBcXx35CwuBJHzW3YUmvuHH6N84DsWr2Zj1WVyupVvpJMH82EM7iIxLig2aiXJHUeyAI%2Bp6mQQY%2F1GZaaZBdtBxvl%2BzWoLV8xhDShhEpjEzI4Nw8smE4ZT7JEe1XnPksDExHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-credentials: true
cf-ray: 81d5058d3d7c9268-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H3 200 data.json Show response
bloxscripts.co/ 305 KB
15 KB 220ms
219ms Fetch
application/json 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxscripts.co/data.json?tid=934606
Requested by: Host: bloxscripts.co
URL: https://bloxscripts.co/static/js/main.d1f47465.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb13dcb0f6c43606692a4bee3497b7371d99c941e2d51f239656ae6aa5e485d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPK2OriYcLmI%2Fxx7XW40OSXqZdXL4ZA2e6%2Bes%2BRFe5Ny80I%2F%2FoV1ABu68HtYOQDkB4ZuJzTqsSE5jHvVzjLxh8fI0THWdTRIBAKCw80omWniUn%2F3JDF1EGR%2F8kmucIdXkXPGoW5Iu1wZeBQe1g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-credentials: true
cf-ray: 81d5058d3d819268-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxscripts.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 171159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:53 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cca92f26e5112e394cd022b7e60fec5f50f40c5b79e9a5bb3130684b8c95d9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 undefined
bloxscripts.co/v/ 1 KB
1 KB 125ms
125ms Image
text/html 2606:4700:3030::ac43:d647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bloxscripts.co/v/undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bloxscripts.co/v/BjVgAfsvRUM?bs=1t/jailbroken
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuL1OtJcQpxr9qEGkzaAP2EEdh3qNETbpKcApt7dAL0fWmOPQmKB%2BKnOgeOYEvJmBUn850%2FeH4JznGjX7MXcJWw4ZcNETyeuNe9MHPKxmO3NS4IdM8sUZCej%2Fee4fzTTYes9Tzsbb9mcR9uVAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-credentials: true
cf-ray: 81d50590e9db9268-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2

200

BjVgAfsvRUM Show response
www.youtube.com/embed/ Frame 27A5
Redirect Chain

https://youtube.com/embed/BjVgAfsvRUM
https://www.youtube.com/embed/BjVgAfsvRUM

92 KB
41 KB

204ms
149ms

Document
text/html

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BjVgAfsvRUM

Requested by

Host: bloxscripts.co
URL: https://bloxscripts.co/static/js/main.d1f47465.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9949ca5a20afa54221255bbccf7d355563f44d21ad4997c93f7921ec71e18773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxscripts.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 28 Oct 2023 17:50:33 GMT
expires: Sat, 28 Oct 2023 17:50:33 GMT
location: https://www.youtube.com/embed/BjVgAfsvRUM
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/9e328581/ Frame 27A5 377 KB
48 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48749
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 27 Oct 2024 13:27:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 27A5 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 139098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 03:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 27A5 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 159838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/ Frame 27A5 54 KB
17 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2127a9383edaf32da47ce05cb023888eb193ec9525badee604010e6d943f8bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 15:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17023
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 15:49:18 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9e328581/www-embed-player.vflset/ Frame 27A5 318 KB
95 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:19:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97578
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 27 Oct 2024 17:19:20 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/ Frame 27A5 2 MB
756 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f374f06b734d213eb9b182016fe28796ded40f38dc7041dd91e4d0257a70aa1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 11:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 773308
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 11:46:43 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 27A5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

28ms
27ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9835010fe07b66d2ecb6199d4b6a41026b41ce3257225e9b3c991d65b8a67171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 28 Oct 2023 17:50:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 27A5 29 B
494 B 81ms
23ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:08 GMT
x-content-type-options: nosniff
age: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 28 Oct 2023 18:05:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 86ms
28ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 28 Oct 2023 17:50:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 27A5 68 KB
31 KB 37ms
36ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9e8b08eb68a0bec3a54304db1f3042812d318878e3860f68a1b21167c1417c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31971
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/ Frame 27A5 116 KB
33 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c53c1bb8cce043c88cfbffe438d5bf533138df4fe313c34c3cbae0bb59a0f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33685
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:28:07 GMT

GET
H2 200 QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js Show response
www.google.com/js/th/ Frame 27A5 38 KB
15 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QcAALD0fIyejrwdw44bQZTSl0S_tfxpIwjw1mnUR6iI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14673
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Oct 2024 18:39:04 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/BjVgAfsvRUM/ Frame 27A5 22 KB
22 KB 78ms
22ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/BjVgAfsvRUM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5dba61d3d50f6d85d0a49bf06f7e9e16b9a87fb729d9505ec426ed372fe6c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:12:02 GMT
x-content-type-options: nosniff
age: 5911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22016
x-xss-protection: 0
server: sffe
etag: "1693597970"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 28 Oct 2023 18:12:02 GMT

GET
DATA 200
OK truncated
/ Frame 27A5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 HoLxXUUm8XlCIOJr_rWv3tblCWo56Iw6gzzx0M1XPvzcA6G_2KIwmziSyaOJHg24gym8B4PL=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 27A5 2 KB
3 KB 88ms
23ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/HoLxXUUm8XlCIOJr_rWv3tblCWo56Iw6gzzx0M1XPvzcA6G_2KIwmziSyaOJHg24gym8B4PL=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

235e9321df68e968de6befe110b7f6f04977a9f21e003300841039854196d3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 13:58:53 GMT
x-content-type-options: nosniff
age: 13900
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2534
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:58:53 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 27A5 4 KB
2 KB 90ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 17:50:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 27A5 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?EidWLg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BjVgAfsvRUM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
30ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 28 Oct 2023 17:50:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 27A5 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8749879c0316611f2cc3a938d75af69c56b4c4188c7f9414f95bcf764fec0ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 28 Oct 2023 17:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/118/ Frame 27A5 50 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/118/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14707
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 15:06:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sun, 29 Oct 2023 16:42:06 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 27A5 28 B
54 B 35ms
32ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698515435939
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BjVgAfsvRUM
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtaSElGVnFBVzNsZyjpk_WpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1698515433571&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C400&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 28 Oct 2023 17:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 28 Oct 2023 17:50:35 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pogothere.xyz/	1970-01-21 00:26:59	Name: csu Value: 1399194061828752@1@1698515432
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: R58EfNmcrUk
.youtube.com/	1970-01-20 20:07:47	Name: VISITOR_INFO1_LIVE Value: ZHIFVqAW3lg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bloxscripts.co/v/ksdjgfks.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyy_nSCGNu-sK1G3odbSY0cW874A7FBL1fG3XRSZcOz3zACD1tqyCS3_gOgGdipkcnIXh1BH&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-351961027%3A1698515432089281&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyySMXCJCetQGoRWbJw14ua1HcBZzo9zo5v7MV5WwLfNktpVvrfl0GUCIruwWjH87dU3uZEx&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1475890219%3A1698515432129488&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
bloxscripts.co
cdnjs.cloudflare.com
d1ytalcrl612d7.cloudfront.net
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ivedmanyyea.org
jnn-pa.googleapis.com
js.hsforms.net
pogothere.xyz
static.doubleclick.net
townrusisedprivat.info
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
youtube.com
yt3.ggpht.com
104.21.11.156
172.64.132.28
2600:9000:2022:9c00:1d:7a2b:ec0:21
2606:4700:3030::ac43:d647
2606:4700::6810:89ce
2606:4700::6811:180e
2606:4700:e2::ac40:891e
2a00:1450:4001:803::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200d
2a00:1450:4001:81c::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a03:2880:f176:84:face:b00c:0:25de
52.222.174.25
170d329a585de03caa379e0e068e08b529ba2d693608db4166c3996328185c06
1af0f0a4830eea6783c00aa425504cc694842ec9406c57748c28480ff4afc645
1f52b25daed630fb6129a1356b9ff7a9c4ccb70441209fca3ab8dfb0930fcf8a
2127a9383edaf32da47ce05cb023888eb193ec9525badee604010e6d943f8bfc
235e9321df68e968de6befe110b7f6f04977a9f21e003300841039854196d3aa
237e507a7cbd07c295a907ee2bcf8da9fc1a3fdf69d96173059763b2ccadeb08
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c0002c3d1f2327a3af0770e386d06534a5d12fed7f1a48c23c359a7511ea22
444ee3fc0304ce401d74bf72e5d4004e77031c70c40e18862514ed016a222e30
4c53c1bb8cce043c88cfbffe438d5bf533138df4fe313c34c3cbae0bb59a0f06
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
65a9f49faa9d19684f4e5a4d625b8fa846e7b0c42d00708d54d8cd01522c82bb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
82289fd849573c7839ecb7f5a67ff134c9f66119690b71f916fb1a587f7c1bf9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19
8749879c0316611f2cc3a938d75af69c56b4c4188c7f9414f95bcf764fec0ced
8e99e1ceb5d2b6483d5cf48bff61db9da00db6cb806b7aa2e0f22f87a787e0d3
9835010fe07b66d2ecb6199d4b6a41026b41ce3257225e9b3c991d65b8a67171
9949ca5a20afa54221255bbccf7d355563f44d21ad4997c93f7921ec71e18773
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a5dba61d3d50f6d85d0a49bf06f7e9e16b9a87fb729d9505ec426ed372fe6c45
a9f090e1862122c66bdda163938585e5196eb8dde771332843ec3133bbfd81fb
b9e8b08eb68a0bec3a54304db1f3042812d318878e3860f68a1b21167c1417c4
beb13dcb0f6c43606692a4bee3497b7371d99c941e2d51f239656ae6aa5e485d
bec52d8a4fbf33d2f02b717db9e63dfaebf7e18811540d9b05a9a46df1407800
cca92f26e5112e394cd022b7e60fec5f50f40c5b79e9a5bb3130684b8c95d9e5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc5b4568ac4ffb204b712e7c6a87fe84a16bb8a4c40a1c1e3a95bbae31bfaa8d
e1868b7e1759b12bb09cf2c87d5dc39172c2a883828936319360b7b9538abe65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f374f06b734d213eb9b182016fe28796ded40f38dc7041dd91e4d0257a70aa1d
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

bloxscripts.co Open in urlscan Pro 2606:4700:3030::ac43:d647 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

86 %IPv6

16 Domains

21 Subdomains

21 IPs

3 Countries

1656 kBTransfer

5388 kBSize

3 Cookies

4 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

bloxscripts.co Open in urlscan Pro
2606:4700:3030::ac43:d647 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

86 %
IPv6

16
Domains

21
Subdomains

21
IPs

3
Countries

1656 kB
Transfer

5388 kB
Size

3
Cookies

45 HTTP transactions
2 data transactions