windowexeallkiller.com Open in urlscan Pro
115.71.236.95 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://windowexeallkiller.com/
Submission Tags: falconsandbox
Submission: On March 14 via api (March 14th 2021, 9:26:12 am UTC) from US

Summary HTTP 69 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 11 domains to perform 69 HTTP transactions. The main IP is 115.71.236.95, located in Korea, Republic Of and belongs to GNJ-AS-KR DAOU TECHNOLOGY, KR. The main domain is windowexeallkiller.com.

This is the only time windowexeallkiller.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	115.71.236.95 115.71.236.95	45996 (GNJ-AS-KR...) (GNJ-AS-KR DAOU TECHNOLOGY)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
69	18

4 115.71.236.95 (Korea, Republic Of)

ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR)

windowexeallkiller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	youtube.com www.youtube.com	1 MB
13	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com	713 KB
10	google.com apis.google.com www.google.com accounts.google.com	152 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
6	twitter.com platform.twitter.com syndication.twitter.com	149 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	39 KB
4	windowexeallkiller.com windowexeallkiller.com	57 KB
3	facebook.com www.facebook.com	137 KB
2	ytimg.com i.ytimg.com	342 KB
2	ggpht.com yt3.ggpht.com	5 KB
2	facebook.net connect.facebook.net	59 KB
69	11

	Domain	Requested by
18	www.youtube.com	windowexeallkiller.com www.youtube.com
6	apis.google.com	windowexeallkiller.com apis.google.com accounts.google.com
5	2.bp.blogspot.com	windowexeallkiller.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	platform.twitter.com	windowexeallkiller.com platform.twitter.com
4	windowexeallkiller.com	windowexeallkiller.com
3	www.facebook.com	connect.facebook.net www.facebook.com
3	www.google.com	www.youtube.com apis.google.com
3	4.bp.blogspot.com	windowexeallkiller.com
3	3.bp.blogspot.com	windowexeallkiller.com
2	syndication.twitter.com	platform.twitter.com
2	www.gstatic.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	connect.facebook.net	windowexeallkiller.com connect.facebook.net
2	1.bp.blogspot.com	windowexeallkiller.com
1	ssl.gstatic.com	accounts.google.com
1	accounts.google.com	apis.google.com
69	20

This site contains links to these domains. Also see Links.

Domain
www.superdownloads.com.br
windowexe.tistory.com
www.youtube.com
www.paypal.me
www.virustotal.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 8 frames:

Primary Page: http://windowexeallkiller.com/
Frame ID: 0E4F2E3AB53D35837DD5951528308A84
Requests: 25 HTTP requests in this frame

Frame: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
Frame ID: CF5B8761E03601EE231B5D25A7E9F57B
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
Frame ID: 9A7B18A18FDC0D41D3533EF68D986343
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
Frame ID: C349C818958587993313FC560D850EA5
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fwindowexeallkiller.com
Frame ID: E790FCEBD64C8A94EA8C7BE104FC7158
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 9954EAE85E359559189B480D38363AC7
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 22B2F490F3D29D4EBBA96E9C8B7A19D9
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Frame ID: 616DEFA75984CCD7D14671D259488966
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

69
Requests

75 %
HTTPS

88 %
IPv6

11
Domains

20
Subdomains

18
IPs

3
Countries

3013 kB
Transfer

7254 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.superdownloads.com.br/download/85/windowexeallkiller/
Title: Português

Search URL Search Domain Scan URL

URL: http://windowexe.tistory.com/503
Title: 한국어

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=NjB21XQMztE&feature=youtu.be
Title: How to remove Pokki TaskBar Toolbar(Desk Band Class) introdution video

Search URL Search Domain Scan URL

URL: https://www.paypal.me/1357924
Title: Donate via Paypal

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/1e7dee7674f42eeb314d0cd626a6b7595a6dd4f7bbb2af6abaa8aeaf9dd5a748/analysis/1383313623/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/356955f237d6cebcb9724bce244337ee187879045aa01cae22286d58c3b82408/analysis/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/1adb097e4acded1d36ce54424c6f5a3a8f13c10543e63d8f5a4adfe6ea4648ff/analysis/1479976104/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/en/file/e2921c260cddae44b66b037f4dd62a6e107705312ecc83fc28836b2d3682e66b/analysis/1508501460/
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/60d07658864c1dfe15bad0abad2659d462593b68a73f9d6b7aff2ac6cf1e9369/detection
Title: Result of virustotal.com

Search URL Search Domain Scan URL

URL: http://windowexe.tistory.com/
Title: [Blog]

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage HTTP 307
https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Request Chain 19

http://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage HTTP 307
https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Request Chain 21

http://connect.facebook.net/en-US/all.js HTTP 307
https://connect.facebook.net/en-US/all.js

Request Chain 33

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

69 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
windowexeallkiller.com/ 34 KB
35 KB 807ms
514ms Document
text/html 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache / PHP/5.3.3
Resource Hash: 236590063c6527f47942daa05c7040826949e491b26ec841474e6df4ae0985f4

Request headers

Host: windowexeallkiller.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:51 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Set-Cookie: PHPSESSID=5as9qu634qb3o86d2pjdsufoq2; path=/ f33d2ed86bd82d4c22123c9da444d8ab=MTYxNTcxMzk1MQ%3D%3D; expires=Mon, 14-Mar-2022 09:25:51 GMT; path=/ 96b28b766b7e0699aa91c9ff3d890663=deleted; expires=Sat, 14-Mar-2020 09:25:50 GMT; path=/ 2a0d2363701f23f8a75028924a3af643=ODkuMjQ5LjY0LjE3MQ%3D%3D; expires=Mon, 15-Mar-2021 09:25:51 GMT; path=/
Expires: 0
Last-Modified: Sun, 14 Mar 2021 09:25:51 GMT
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK style.css
windowexeallkiller.com/ 1 KB
2 KB 504ms
497ms Stylesheet
text/css 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/style.css
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: af8e6b9dfc8804585365ba105e3c940e9412c2c3e88c89d9b0f9666558512340

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:51 GMT
Last-Modified: Tue, 17 Sep 2013 22:15:25 GMT
Server: Apache
ETag: "c2c1a-518-4e69ba8505940"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 1304

GET
H/1.1 200
OK common.js Show response
windowexeallkiller.com/js/ 5 KB
5 KB 502ms
496ms Script
text/javascript 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/js/common.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: 51955abe453072a1fe4f841f27c6a2ddc83c7928ebe46e54630398cc69615d63

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:51 GMT
Last-Modified: Fri, 22 Nov 2013 03:29:01 GMT
Server: Apache
ETag: "c2657-12ae-4ebbb9d851940"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 4782

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sE6pJ9/HLq8KTvl+8cBDzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-sE6pJ9/HLq8KTvl+8cBDzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 14 Mar 2021 09:25:51 GMT

GET
H/1.1 200
OK 11_2014_07_09_11_47_24.png.png
1.bp.blogspot.com/-lZSXWRiJu_A/U7ytmKXU2lI/AAAAAAAAASE/fZdiNr4CdUc/s1600/ 52 KB
53 KB 27ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-lZSXWRiJu_A/U7ytmKXU2lI/AAAAAAAAASE/fZdiNr4CdUc/s1600/11_2014_07_09_11_47_24.png.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6ed124718ff6f7ffa6e1412ab22b0f85907d44f8dbcec3f375f2238adc934b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v132"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="11_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 53444
X-XSS-Protection: 0
Expires: Thu, 11 Mar 2021 13:41:39 GMT

GET
H/1.1 200
OK 2014-08-14_034908.png
2.bp.blogspot.com/-b1gWa0LKdAM/U-w0X98-z2I/AAAAAAAAAUk/7Lxehvx-c50/s1600/ 55 KB
55 KB 29ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-b1gWa0LKdAM/U-w0X98-z2I/AAAAAAAAAUk/7Lxehvx-c50/s1600/2014-08-14_034908.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f3abfc6f43035f1bb8c13e5a37265193212625404a111e2f2108dc532299caec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v14a"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-14_034908.png"
Timing-Allow-Origin: *
Content-Length: 55979
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 2014-08-16_010036.png
2.bp.blogspot.com/-1B-bC89LgmA/U_ESj9c8iyI/AAAAAAAAAWI/uNibwLJM3p4/s1600/ 56 KB
57 KB 32ms
23ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-1B-bC89LgmA/U_ESj9c8iyI/AAAAAAAAAWI/uNibwLJM3p4/s1600/2014-08-16_010036.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

daf2452ecc085566e719ec0bb9a2f79de444c0d7ba3d143c206df255dcfcec5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v163"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-16_010036.png"
Timing-Allow-Origin: *
Content-Length: 57663
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 33_2014_07_09_11_47_24.png
3.bp.blogspot.com/-A8zOI2MoPx4/U8FNQ7oHQkI/AAAAAAAAATg/DQFfDVcJ2bY/s1600/ 53 KB
54 KB 29ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-A8zOI2MoPx4/U8FNQ7oHQkI/AAAAAAAAATg/DQFfDVcJ2bY/s1600/33_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8aa40b79aaff55e661f4023bf92c35c4a971ec3a5f718b57ba2b409f97fa7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v139"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="33_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 54557
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 2014-08-29_031303.png
4.bp.blogspot.com/-G0Gf-vfMl9Q/U_9yhZXkaWI/AAAAAAAAAWo/MhxD4167_VY/s1600/ 71 KB
71 KB 30ms
21ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-G0Gf-vfMl9Q/U_9yhZXkaWI/AAAAAAAAAWo/MhxD4167_VY/s1600/2014-08-29_031303.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8b4fc0f12b8f21f11ba86f377223540ef8684a907b680caa1cf90a5e5269a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v16b"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-29_031303.png"
Timing-Allow-Origin: *
Content-Length: 72608
X-XSS-Protection: 0
Expires: Wed, 10 Mar 2021 10:50:48 GMT

GET
H/1.1 200
OK 2014-08-08_060053.png
4.bp.blogspot.com/-5BOBB21IMWw/U-RbXggXadI/AAAAAAAAAUQ/7aO3ydj-rSY/s1600/ 57 KB
58 KB 29ms
21ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-5BOBB21IMWw/U-RbXggXadI/AAAAAAAAAUQ/7aO3ydj-rSY/s1600/2014-08-08_060053.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2106095d181bd24bd54ebd41dc1890af1e0490ad12166c4bc26fb01729db80c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v146"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-08_060053.png"
Timing-Allow-Origin: *
Content-Length: 58450
X-XSS-Protection: 0
Expires: Wed, 10 Mar 2021 10:50:48 GMT

GET
H/1.1 200
OK 2014-08-08_061418.png
3.bp.blogspot.com/-_gxjl4bhyIE/U-RbXl2drFI/AAAAAAAAAUM/bcyGFKov6Bc/s1600/ 62 KB
62 KB 28ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-_gxjl4bhyIE/U-RbXl2drFI/AAAAAAAAAUM/bcyGFKov6Bc/s1600/2014-08-08_061418.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28f314a7885095bf4e64dae07b4fc797dd0b071c7d78ade945b89089307f6390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v145"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-08-08_061418.png"
Timing-Allow-Origin: *
Content-Length: 63430
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 55_2014_07_09_11_47_24.png
1.bp.blogspot.com/-MowMDXwnAAM/U7ytm6Vko2I/AAAAAAAAASU/3bzW1S5fD3I/s1600/ 50 KB
51 KB 28ms
21ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-MowMDXwnAAM/U7ytm6Vko2I/AAAAAAAAASU/3bzW1S5fD3I/s1600/55_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6f32124df8f78b2486c7e050a8577e952d46a5a30271db844f08d029dc3cb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v12f"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="55_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 51703
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 2014-07-09_120009.png
2.bp.blogspot.com/-vYLA9NZtlt0/U7ywa1605BI/AAAAAAAAATQ/3WhNzj0ustk/s1600/ 60 KB
60 KB 29ms
22ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-vYLA9NZtlt0/U7ywa1605BI/AAAAAAAAATQ/3WhNzj0ustk/s1600/2014-07-09_120009.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2112af6cf9cff1b7c86febf3c3a18bc343e4acb64bfbc697333cbe6234339bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v135"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-07-09_120009.png"
Timing-Allow-Origin: *
Content-Length: 61185
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 2014-07-27_155257.png
2.bp.blogspot.com/-sUwSBqXi49o/U9SiYwrOnaI/AAAAAAAAAT8/Bs9Wg98RWzQ/s1600/ 51 KB
51 KB 25ms
19ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-sUwSBqXi49o/U9SiYwrOnaI/AAAAAAAAAT8/Bs9Wg98RWzQ/s1600/2014-07-27_155257.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49075f942f185144553f5a07b52853c24ae006880b15e1d793a2629c2b0346d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v140"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="2014-07-27_155257.png"
Timing-Allow-Origin: *
Content-Length: 51934
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:50 GMT

GET
H/1.1 200
OK 77_2014_07_09_11_47_24.png
2.bp.blogspot.com/-nDWIX7UeKOE/U7ytnXdxOeI/AAAAAAAAASg/HCK1M3m45pw/s1600/ 57 KB
57 KB 24ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://2.bp.blogspot.com/-nDWIX7UeKOE/U7ytnXdxOeI/AAAAAAAAASg/HCK1M3m45pw/s1600/77_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11e479851f1b6d158670bd8f1be2fddcc67b591f4d1fdf8260063627d66fa323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v12c"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="77_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 58100
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:51 GMT

GET
H/1.1 200
OK 88_2014_07_09_11_47_24.png
3.bp.blogspot.com/-Rm38cCmg6Ek/U7ytnlvJ3RI/AAAAAAAAASk/QBvoV7IjcKk/s1600/ 45 KB
46 KB 24ms
21ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-Rm38cCmg6Ek/U7ytnlvJ3RI/AAAAAAAAASk/QBvoV7IjcKk/s1600/88_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6f73766ac9162bf52ec4d41684bd6c65d1e6e937e8a713c1103e70346ccbedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v12e"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="88_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 46263
X-XSS-Protection: 0
Expires: Sun, 14 Mar 2021 16:49:51 GMT

GET
H/1.1 200
OK 99_2014_07_09_11_47_24.png
4.bp.blogspot.com/-vlCVobPaiX4/U7ytn5m0oMI/AAAAAAAAASo/Cj4Og65ShWQ/s1600/ 38 KB
39 KB 23ms
21ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://4.bp.blogspot.com/-vlCVobPaiX4/U7ytn5m0oMI/AAAAAAAAASo/Cj4Og65ShWQ/s1600/99_2014_07_09_11_47_24.png

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2caf7fbd1fb272777a83b8386d9360e2454c3563a7a6ce6b41eca0bdcbd72c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "v12d"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="99_2014_07_09_11_47_24.png"
Timing-Allow-Origin: *
Content-Length: 39055
X-XSS-Protection: 0
Expires: Wed, 10 Mar 2021 10:50:48 GMT

GET
H/1.1 200
OK wrest.js Show response
windowexeallkiller.com/js/ 15 KB
15 KB 253ms
252ms Script
text/javascript 115.71.236.95
GNJ-AS-KR DAOU TE...

General

Check archive.org

Show headers Download Go to

Full URL: http://windowexeallkiller.com/js/wrest.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Server: 115.71.236.95 , Korea, Republic Of, ASN45996 (GNJ-AS-KR DAOU TECHNOLOGY, KR),
Reverse DNS
Software: Apache /
Resource Hash: 4250de59fb6fcf91557da76a53487364e2bde3c936d981ae8eff2cea3a944e34

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:51 GMT
Last-Modified: Mon, 09 Apr 2012 10:51:57 GMT
Server: Apache
ETag: "e2a15-3cb3-4bd3ccb84ad40"
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 15539

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
51 KB 38ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 14:20:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 414338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 09 Mar 2022 14:20:14 GMT

GET
H2

200

g8Wwgk2N0tc Show response
www.youtube.com/embed/ Frame CF5B
Redirect Chain

http://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

50 KB
21 KB

64ms
44ms

Document
text/html

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d95cc6a63bc0d92ce52654384772dd633bf240b2727c9340c553ee35ff8fc9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/g8Wwgk2N0tc?feature=player_detailpage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Mar 2021 09:25:52 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=w1VOnrNQP-E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=l5ZSWAXCRL4; Domain=.youtube.com; Expires=Fri, 10-Sep-2021 09:25:52 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+574; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
Non-Authoritative-Reason: HSTS

GET
H2

200

4Z2CTpjyYX0 Show response
www.youtube.com/embed/ Frame 9A7B
Redirect Chain

http://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

50 KB
21 KB

69ms
50ms

Document
text/html

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7bdfdc24b65491b51368bece65041beba733028580b4ac2823c242641e77486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/4Z2CTpjyYX0?feature=player_detailpage
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Mar 2021 09:25:52 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=iDb577TFjv4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=eSanLOE51vY; Domain=.youtube.com; Expires=Fri, 10-Sep-2021 09:25:52 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+728; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 64ms
13ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:22:22 GMT
Server: ECS (amb/6B9D)
Age: 382
Etag: "965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29026

GET
H2

200

all.js Show response
connect.facebook.net/en-US/
Redirect Chain

http://connect.facebook.net/en-US/all.js
https://connect.facebook.net/en-US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en-US/all.js

Requested by

Host: windowexeallkiller.com
URL: http://windowexeallkiller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b5e30eb9fb4e0b842c327daf836d9bd2dce28c65f785948919ed686b83aa65fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EpEAgY0DWfYvcgpR9AYyZw==
cross-origin-resource-policy: cross-origin
expires: Sun, 14 Mar 2021 09:32:33 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: uSrUenaZrREULXmVwewxVzxkDF7xi1PIrfguG2sdR5K9TENoaFwikL2uHK3D7VpiRf+U0nuPsO+jqGd1fX2xEg==
x-fb-trip-id: 917726464
x-fb-content-md5: 5235aa85f13e3ee24e628b89af27a4aa
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Mar 2021 09:25:52 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "18bf9f10a6b6db9db193b6469e8c4829"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en-US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 190 KB
57 KB 20ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=feba219ce76ca5e0b44465c1e8022489&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en-US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd6a18901a7c9ac6e359525000dabe5b15d74b6d27272a21dbd04db6bfe4fccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://windowexeallkiller.com
Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VuLXXvZvWAaFVwx/bN4a8Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58083
x-fb-rlafr: 0
x-fb-debug: hfzsvqgCGoYfFVPnGlULjTqNseQ/cvI+nml5F6Y9FIPyGRsa3Kxys42fO6QmYYWNP3H7YuPGaqGWF+TKF1EX7A==
x-fb-trip-id: 917726464
x-fb-content-md5: 6dcd3aa152fa180f5bae6bfb07c032bf
x-frame-options: DENY
date: Sun, 14 Mar 2021 09:25:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "49048d251d3696c92eb149ea0e2f4b20"
timing-allow-origin: *
expires: Mon, 14 Mar 2022 08:54:23 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d29f3109/ Frame CF5B 341 KB
51 KB 27ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236409
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:43 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d29f3109/www-embed-player.vflset/ Frame CF5B 160 KB
58 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03aef28a1ff1337c859cab5bdf6f0557e940c6f7c82c8d00502bd46b2fde91fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 00:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 33257
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59121
x-xss-protection: 0
expires: Mon, 14 Mar 2022 00:11:35 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame CF5B 2 MB
504 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19151ee5527abc4a3250857bd09c35b181c2edc42979771d29fee1eaf3b012bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 81619
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516037
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:45:33 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d29f3109/fetch-polyfill.vflset/ Frame CF5B 8 KB
3 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 78418
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Sun, 13 Mar 2022 11:38:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CF5B 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 222267
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/d29f3109/ Frame 9A7B 341 KB
51 KB 26ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236409
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:43 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/d29f3109/www-embed-player.vflset/ Frame 9A7B 160 KB
58 KB 26ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03aef28a1ff1337c859cab5bdf6f0557e940c6f7c82c8d00502bd46b2fde91fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 00:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 33257
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59121
x-xss-protection: 0
expires: Mon, 14 Mar 2022 00:11:35 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame 9A7B 2 MB
504 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19151ee5527abc4a3250857bd09c35b181c2edc42979771d29fee1eaf3b012bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 81619
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516037
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:45:33 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d29f3109/fetch-polyfill.vflset/ Frame 9A7B 8 KB
3 KB 36ms
26ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 11:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 78418
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Sun, 13 Mar 2022 11:38:54 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9A7B 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 222267
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CF5B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
920 B

60ms
45ms

XHR
application/json

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63484f0574260daa8b594b5a475ff658bfec3891ad33e101142d88cc5f021008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Mar 2021 09:25:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CF5B 29 B
407 B 27ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 888
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:26:04 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 9A7B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
296 B

60ms
46ms

XHR
application/json

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

949a0d9186236d74a57f506937fdb5ddda953cb1f41e1409714027c7938a9f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Mar 2021 09:25:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9A7B 29 B
87 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:11:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 888
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:26:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame CF5B 97 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14b646dae4cb103a505b93b65be169b52a57ba39d191ee02357e473e80dca62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236396
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32708
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:56 GMT

GET
H2 200 EZf8jxdwqkL23uxFPDBdTiNZzxbWfe97GgGOcmp5ap4.js Show response
www.google.com/js/bg/ Frame CF5B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/EZf8jxdwqkL23uxFPDBdTiNZzxbWfe97GgGOcmp5ap4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1197fc8f1770aa42f6deec453c305d4e2359cf16d67def7b1a018e726a796a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 22:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 38216
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5658
x-xss-protection: 0
expires: Sun, 13 Mar 2022 22:48:56 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame CF5B 29 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24323a2bb3c6da5795183af10abe4738f2864183d6dc42af713aae3bc97c8433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236396
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9674
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:56 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame 9A7B 97 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14b646dae4cb103a505b93b65be169b52a57ba39d191ee02357e473e80dca62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236396
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32708
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:56 GMT

GET
H3-Q050 200 3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js Show response
www.google.com/js/th/ Frame 9A7B 33 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 14:26:13 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 241179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12653
x-xss-protection: 0
expires: Fri, 11 Mar 2022 14:26:13 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/ Frame 9A7B 29 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24323a2bb3c6da5795183af10abe4738f2864183d6dc42af713aae3bc97c8433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 15:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 03:47:17 GMT
server: sffe
age: 236396
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9674
x-xss-protection: 0
expires: Fri, 11 Mar 2022 15:45:56 GMT

GET
DATA 200
OK truncated
/ Frame CF5B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwngbxKAX9CCQGUwguog9zcjRapgNsCA9fVxiqPihfQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CF5B 2 KB
3 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngbxKAX9CCQGUwguog9zcjRapgNsCA9fVxiqPihfQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c203c85e7b7a7106695d3b75330ea7fa3d88efcdd8dffe5f703ea17ff66004da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:18:48 GMT
x-content-type-options: nosniff
age: 424
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2313
x-xss-protection: 0
server: fife
etag: "v1b4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 12 Mar 2021 09:15:27 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/g8Wwgk2N0tc/ Frame CF5B 179 KB
180 KB 95ms
69ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/g8Wwgk2N0tc/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6479cddfca3fcca7a00764f53e284fb5fffa8edbf679d6ba240c87091d8d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 183762
x-xss-protection: 0
expires: Sun, 14 Mar 2021 11:25:52 GMT

GET
DATA 200
OK truncated
/ Frame 9A7B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwngbxKAX9CCQGUwguog9zcjRapgNsCA9fVxiqPihfQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9A7B 2 KB
2 KB 5ms
5ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwngbxKAX9CCQGUwguog9zcjRapgNsCA9fVxiqPihfQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c203c85e7b7a7106695d3b75330ea7fa3d88efcdd8dffe5f703ea17ff66004da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:18:48 GMT
x-content-type-options: nosniff
age: 424
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2313
x-xss-protection: 0
server: fife
etag: "v1b4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 12 Mar 2021 09:15:27 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/4Z2CTpjyYX0/ Frame 9A7B 162 KB
162 KB 139ms
138ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/4Z2CTpjyYX0/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c55292519d1031f456fdbcac822f6340747433e9dd6be287ead109f21cda5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165666
x-xss-protection: 0
expires: Sun, 14 Mar 2021 11:25:52 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CF5B 4 KB
2 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:25:52 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9A7B 4 KB
2 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:25:52 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame CF5B 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?f_E7_g
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 9A7B 0
13 B 6ms
5ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Od07EA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 share_button.php Show response
www.facebook.com/plugins/ Frame C349 41 KB
13 KB 84ms
84ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=feba219ce76ca5e0b44465c1e8022489&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b7af812973156249f196bd9053d1396f8fac0bad7f90ca15ab3b68f6b5a04df

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: AqHOfnxhyL2moj2SkmuEP1YfEcnq27P4yrAoVh9O8oWlqguw5waOkrr2uyWpLBoYysdn0URgivcF+nPpJgB01w==
date: Sun, 14 Mar 2021 09:25:52 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html Show response
platform.twitter.com/widgets/ Frame E790 320 KB
104 KB 14ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fwindowexeallkiller.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7D) /
Resource Hash: a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://windowexeallkiller.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 304529
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Mar 2021 09:25:52 GMT
Etag: "e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B7D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105690

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 97 KB
34 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 16:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 407255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34488
x-xss-protection: 0
expires: Wed, 09 Mar 2022 16:18:17 GMT

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 9954 2 KB
1 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6dd3fdf68dd8b150b2d179cc2f97d5c483185b1689900804b8b462343c224d4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nzll+YOtC7cW/6VYyN0T6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=hGC6Zw__izs-gDq0Ik24PvZSO3-DajKVkGX1SEPUZytrzAMk8nFSy6n9SE8QkSwxhSOsyPImiPrnyC1fFI_QXfQdaPgSHmsyNyPi76az0bKvcMRXAPbpXFruisgBTfqgQpovA3QcBCPDFfMxuaGCAMzkLyVANWXsLtwPl2nqZJA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Mar 2021 09:25:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-Nzll+YOtC7cW/6VYyN0T6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 22B2 566 B
861 B 35ms
16ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

931689d16c096d8641b9a8efaacb451ac0dcf594babddeea85de679039cc7688

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ywl08PkHX3R/myt0Wwsl6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://windowexeallkiller.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=hGC6Zw__izs-gDq0Ik24PvZSO3-DajKVkGX1SEPUZytrzAMk8nFSy6n9SE8QkSwxhSOsyPImiPrnyC1fFI_QXfQdaPgSHmsyNyPi76az0bKvcMRXAPbpXFruisgBTfqgQpovA3QcBCPDFfMxuaGCAMzkLyVANWXsLtwPl2nqZJA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 14 Mar 2021 09:25:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ywl08PkHX3R/myt0Wwsl6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 9954 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&hl=en-US&origin=http%3A%2F%2Fwindowexeallkiller.com&url=http%3A%2F%2Fwindowexeallkiller.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:25:52 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E790 183 B
411 B 153ms
121ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a0832c945c8fb36e8515c9eee6abc82f3955f129

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=http%3A%2F%2Fwindowexeallkiller.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time: 106
date: Sun, 14 Mar 2021 09:25:53 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 09:25:52 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c3a9da235bd334fe73def92fad8ef3da
strict-transport-security: max-age=631138519
content-length: 152

GET
H/1.1 200
OK button.75a79c54dcfc115f36a5bc654a4d6c25.js Show response
platform.twitter.com/js/ 7 KB
3 KB 14ms
14ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.75a79c54dcfc115f36a5bc654a4d6c25.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 09:25:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 19:20:13 GMT
Server: ECS (amb/6B9D)
Age: 304529
Etag: "ba8d4b9e84a41a5e804e7520c9979b13+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2297

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 22B2 10 KB
5 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwindowexeallkiller.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 11:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 17:30:24 GMT
server: sffe
age: 78066
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Sun, 13 Mar 2022 11:44:46 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 22B2 12 KB
5 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XvaYmK/ESYaBqSTvvm1dHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c489adc86eb80e5d71f9e88a3dbbf731"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-XvaYmK/ESYaBqSTvvm1dHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sun, 14 Mar 2021 09:25:52 GMT

GET
H2 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame C349 388 B
659 B 6ms
5ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: bXJfYW7E8lQhASTNqwc5ft+wciFvs0aqKboAhn8EkC2jj9tDyIufjo0LkmAJg5qSPUDYX5EYtU0QOSWDjLN6Xw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Fri, 12 Mar 2021 03:39:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Sat, 12 Mar 2022 03:39:04 GMT

GET
H2 200 ZC424meY2W_.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yu/l/en_US/ Frame C349 479 KB
124 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yu/l/en_US/ZC424meY2W_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

415d55ffd15cc9556e0acaea482d74e5dbb5933d0bb334f22053a8f59f295bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c240e67506398%26domain%3Dwindowexeallkiller.com%26origin%3Dhttp%253A%252F%252Fwindowexeallkiller.com%252Ff1d968d0d3dbad4%26relation%3Dparent.parent&container_width=1560&href=http%3A%2F%2Fwindowexeallkiller.com%2F&locale=en_US&sdk=joey&type=button_count
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 1gpI9kdCZwOh+rx01cBi/sIlsC1PaOzCW2UGncYVr3mURiAFPwRg0oCFKqMgKQXPBKH99FtQ32AimzvmUnQKiQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 6c3hSpQvJseeiaXI1lmC6w==
date: Sat, 13 Mar 2021 03:20:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126280
x-fb-rlafr: 0
expires: Sun, 13 Mar 2022 03:20:37 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame 22B2 51 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 18:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 398919
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18054
x-xss-protection: 0
expires: Wed, 09 Mar 2022 18:37:14 GMT

GET
H/1.1 200
OK tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html Show response
platform.twitter.com/widgets/ Frame 616D 32 KB
13 KB 14ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.0edc1ef9f8b82d9b79c6115bda79f63f.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://windowexeallkiller.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://windowexeallkiller.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 304530
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 14 Mar 2021 09:25:53 GMT
Etag: "261ad3b11e174efa13458f601d8c2ebb+gzip"
Last-Modified: Wed, 03 Mar 2021 19:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B9D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12296

GET
DATA 200
OK truncated
/ Frame 616D 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
360 B 132ms
132ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwindowexeallkiller.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1615713953170%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22e1ffbdb%3A1614796141937%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://windowexeallkiller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Sun, 14 Mar 2021 09:25:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c3a9da235bd334fe73def92fad8ef3da
x-transaction: 0097c842003915a2
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9A7B 28 B
315 B 20ms
20ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4Z2CTpjyYX0?feature=player_detailpage
X-YouTube-Client-Version: 1.20210310.3.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtlU2FuTE9FNTF2WSigrbeCBg%3D%3D
X-YouTube-Ad-Signals: dt=1615713952413&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C768&vis=1&wgl=true&ca_type=image&bid=ANyPxKovygOVNz1vr5iAjOXrC_avPTOIG_JL84SOb7H4KcDvNGMWFSuneQNU8gP3oQ-KQL1qZUV6O47_qhoXhwQhku0iO9lIFg

Response headers

date: Sun, 14 Mar 2021 09:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:26:02 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CF5B 28 B
168 B 17ms
17ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d29f3109/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/g8Wwgk2N0tc?feature=player_detailpage
X-YouTube-Client-Version: 1.20210310.3.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtsNVpTV0FYQ1JMNCigrbeCBg%3D%3D
X-YouTube-Ad-Signals: dt=1615713952401&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1024%2C768&vis=1&wgl=true&ca_type=image&bid=ANyPxKqvLVzXct7042uxSebJqFC18FkDQG0XgHSgIX19OggvtYlKohEsFmu4j6eJXXMERZhKPMjakIdSMvwlHtnye3EakPZVyQ

Response headers

date: Sun, 14 Mar 2021 09:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 14 Mar 2021 09:26:02 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 21:12:05	Name: NID Value: 211=hGC6Zw__izs-gDq0Ik24PvZSO3-DajKVkGX1SEPUZytrzAMk8nFSy6n9SE8QkSwxhSOsyPImiPrnyC1fFI_QXfQdaPgSHmsyNyPi76az0bKvcMRXAPbpXFruisgBTfqgQpovA3QcBCPDFfMxuaGCAMzkLyVANWXsLtwPl2nqZJA
windowexeallkiller.com/	1970-01-19 16:50:00	Name: 2a0d2363701f23f8a75028924a3af643 Value: ODkuMjQ5LjY0LjE3MQ%3D%3D
.youtube.com/	1970-01-19 21:07:45	Name: VISITOR_INFO1_LIVE Value: eSanLOE51vY
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: iDb577TFjv4
windowexeallkiller.com/	1970-01-20 01:34:09	Name: f33d2ed86bd82d4c22123c9da444d8ab Value: MTYxNTcxMzk1MQ%3D%3D
windowexeallkiller.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5as9qu634qb3o86d2pjdsufoq2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
accounts.google.com
apis.google.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
platform.twitter.com
ssl.gstatic.com
static.doubleclick.net
syndication.twitter.com
windowexeallkiller.com
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.136
115.71.236.95
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82b::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
03aef28a1ff1337c859cab5bdf6f0557e940c6f7c82c8d00502bd46b2fde91fc
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
1197fc8f1770aa42f6deec453c305d4e2359cf16d67def7b1a018e726a796a9e
11e479851f1b6d158670bd8f1be2fddcc67b591f4d1fdf8260063627d66fa323
19151ee5527abc4a3250857bd09c35b181c2edc42979771d29fee1eaf3b012bb
1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd
2112af6cf9cff1b7c86febf3c3a18bc343e4acb64bfbc697333cbe6234339bd2
236590063c6527f47942daa05c7040826949e491b26ec841474e6df4ae0985f4
24323a2bb3c6da5795183af10abe4738f2864183d6dc42af713aae3bc97c8433
28f314a7885095bf4e64dae07b4fc797dd0b071c7d78ade945b89089307f6390
2caf7fbd1fb272777a83b8386d9360e2454c3563a7a6ce6b41eca0bdcbd72c72
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
415d55ffd15cc9556e0acaea482d74e5dbb5933d0bb334f22053a8f59f295bda
4250de59fb6fcf91557da76a53487364e2bde3c936d981ae8eff2cea3a944e34
49075f942f185144553f5a07b52853c24ae006880b15e1d793a2629c2b0346d3
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
51955abe453072a1fe4f841f27c6a2ddc83c7928ebe46e54630398cc69615d63
559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
63484f0574260daa8b594b5a475ff658bfec3891ad33e101142d88cc5f021008
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6dd3fdf68dd8b150b2d179cc2f97d5c483185b1689900804b8b462343c224d4a
6ed124718ff6f7ffa6e1412ab22b0f85907d44f8dbcec3f375f2238adc934b11
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
77c55292519d1031f456fdbcac822f6340747433e9dd6be287ead109f21cda5d
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
8aa40b79aaff55e661f4023bf92c35c4a971ec3a5f718b57ba2b409f97fa7767
8b7af812973156249f196bd9053d1396f8fac0bad7f90ca15ab3b68f6b5a04df
931689d16c096d8641b9a8efaacb451ac0dcf594babddeea85de679039cc7688
949a0d9186236d74a57f506937fdb5ddda953cb1f41e1409714027c7938a9f44
97d03f0364ee71256d492e6abad11ff53f0bf177b6476ac4645ea1b045f1f743
9d95cc6a63bc0d92ce52654384772dd633bf240b2727c9340c553ee35ff8fc9b
a14b646dae4cb103a505b93b65be169b52a57ba39d191ee02357e473e80dca62
a6f73766ac9162bf52ec4d41684bd6c65d1e6e937e8a713c1103e70346ccbedc
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af8e6b9dfc8804585365ba105e3c940e9412c2c3e88c89d9b0f9666558512340
b5e30eb9fb4e0b842c327daf836d9bd2dce28c65f785948919ed686b83aa65fb
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c203c85e7b7a7106695d3b75330ea7fa3d88efcdd8dffe5f703ea17ff66004da
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d7bdfdc24b65491b51368bece65041beba733028580b4ac2823c242641e77486
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
daf2452ecc085566e719ec0bb9a2f79de444c0d7ba3d143c206df255dcfcec5f
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e2106095d181bd24bd54ebd41dc1890af1e0490ad12166c4bc26fb01729db80c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905
f3abfc6f43035f1bb8c13e5a37265193212625404a111e2f2108dc532299caec
f6479cddfca3fcca7a00764f53e284fb5fffa8edbf679d6ba240c87091d8d4cf
f6f32124df8f78b2486c7e050a8577e952d46a5a30271db844f08d029dc3cb7d
f85348f16f773be0593f6964a88ae226c85683d2fd9802c859ce1bf0fda027c1
f8b4fc0f12b8f21f11ba86f377223540ef8684a907b680caa1cf90a5e5269a67
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fd6a18901a7c9ac6e359525000dabe5b15d74b6d27272a21dbd04db6bfe4fccc

windowexeallkiller.com Open in urlscan Pro 115.71.236.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

69 Requests

75 %HTTPS

88 %IPv6

11 Domains

20 Subdomains

18 IPs

3 Countries

3013 kBTransfer

7254 kBSize

6 Cookies

10 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

windowexeallkiller.com Open in urlscan Pro
115.71.236.95 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

75 %
HTTPS

88 %
IPv6

11
Domains

20
Subdomains

18
IPs

3
Countries

3013 kB
Transfer

7254 kB
Size

6
Cookies

69 HTTP transactions
3 data transactions