r41rwf.ub06septjo.online Open in urlscan Pro
2606:4700:3037::6815:25d1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/6932487
Effective URL:
https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
Submission: On December 13 via manual (December 13th 2021, 9:50:16 pm UTC) from AU — Scanned from DE

Summary HTTP 62 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3037::6815:25d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is r41rwf.ub06septjo.online.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 12th 2021. Valid for: a year.

This is the only time r41rwf.ub06septjo.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	2606:4700:303... 2606:4700:3035::6815:31eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2606:4700:303... 2606:4700:3037::6815:25d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:11::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
62	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:31eb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r3zl3u.ze06oktlnk.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:3037::6815:25d1 (United States)

ASN13335 (CLOUDFLARENET, US)

r41rwf.ub06septjo.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:11::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5lznez.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ub06septjo.online r41rwf.ub06septjo.online	278 KB
14	youtube.com www.youtube.com	764 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	149 KB
6	googlevideo.com r2---sn-4g5lznez.googlevideo.com	620 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	ytimg.com i.ytimg.com	23 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	google.com www.google.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	ze06oktlnk.online 1 redirects r3zl3u.ze06oktlnk.online	915 B
1	bit.ly 1 redirects bit.ly	365 B
62	13

	Domain	Requested by
21	r41rwf.ub06septjo.online	r41rwf.ub06septjo.online
14	www.youtube.com	r41rwf.ub06septjo.online www.youtube.com
10	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
6	r2---sn-4g5lznez.googlevideo.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.googleapis.com	r41rwf.ub06septjo.online
1	i.ytimg.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdnjs.cloudflare.com	r41rwf.ub06septjo.online
1	code.jquery.com	r41rwf.ub06septjo.online
1	r3zl3u.ze06oktlnk.online	1 redirects
1	bit.ly	1 redirects
62	15

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
connect.ok.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-12` - `2022-10-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
Frame ID: 5110245B45B74C44024260D098DA9FB3
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
Frame ID: 80AA703219B8695E016918D985EF6435
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/6932487 HTTP 301
https://r3zl3u.ze06oktlnk.online/go/d1an:p_k28ce7l4 HTTP 301
https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211 Page URL

Page Statistics

62
Requests

98 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

14
IPs

3
Countries

1885 kB
Transfer

4276 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=https%3A%2F%2Figor2017traffic-wixsite-com.filesusr.com%2Fhtml%2Fc378c6_aa991238aaafdc33be4fcf11d7e7efa1.html&utm_source=share2

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=https%3A%2F%2Figor2017traffic-wixsite-com.filesusr.com%2Fhtml%2Fc378c6_aa991238aaafdc33be4fcf11d7e7efa1.html&utm_source=share2

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/dk?st.cmd=OAuth2Login&st.layout=w&st.redirect=%252Fdk%253Fcmd%253DWidgetSharePreview%2526amp%253Bst.cmd%253DWidgetSharePreview%2526amp%253Bst.shareUrl%253Dhttps%25253A%25252F%25252Figor2017traffic-wixsite-com.filesusr.com%25252Fhtml%25252Fc378c6_aa991238aaafdc33be4fcf11d7e7efa1.html&st._wt=1&st.client_id=-1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/6932487 HTTP 301
https://r3zl3u.ze06oktlnk.online/go/d1an:p_k28ce7l4 HTTP 301
https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
r41rwf.ub06septjo.online/
Redirect Chain

http://bit.ly/6932487
https://r3zl3u.ze06oktlnk.online/go/d1an:p_k28ce7l4
https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

34 KB
10 KB

188ms
131ms

Document
text/html

2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bd10e2952e1f6b115f0457835a9063ea0ef1c90ac331d181bb0fcf3dee74cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMhfERZqBnVjDJDT8XrIZK93Ujdk0CHqsevC%2B0gPTkI91Vp4UnYxXgq5v5MZe49Jj2cVrDuFoUVHMc2KTOxpJhuKbWYur8FAE6EyDiZmU0BF8VDETHftk864j3%2B0teX7KQC4Qd%2B7sUI0t3ABuSyND8IIbHuskAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd2681c8d020f5a-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 13 Dec 2021 21:50:11 GMT
content-type: text/html; charset=UTF-8
location: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
x-powered-by: CSP
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 +0000
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIk6KqAWlhJCwVINVJISTFio7BGjwbLo2M2MVmfaYL8M1tRUywpEI3mSNR2u0JmkLuFxJXtGN%2FDCXiXnNELIkCdujpnSEYzY%2FfmwCrtlk5uhIska9wEPARmjnqq8ONBLdZ3C7KLjovIy7w9DZHVaiy8UmG8JAak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd2681b3fdf3753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
848 B 45ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900&subset=cyrillic

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c53d815362e2fa9f8a1a03a3fbb920e4c275c4b2b6a8a4f8108d927b169824a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 21:50:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 21:50:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 21:18:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 21:50:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H2 200 1.min.css
r41rwf.ub06septjo.online/css/ 152 KB
24 KB 129ms
127ms Stylesheet
text/css 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/css/1.min.css

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:51:26 GMT
server: cloudflare
etag: W/"6000aece-2606e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlceLpGO0jCq%2F%2Bm4E%2BVw1SnLXk20SVzypP06ultTg8DZOX%2Bb40sW0ezGmGJOxR4cea9T3Yk%2BB8cdpHmL3TKlmjwPUqiLlhhKnqlV9KEND4F%2B3WfOCWq6gxxslT%2FNfyK7En6pT1AH7uxVr0251FwrY4c3S8IIDMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f1c0f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 3.css
r41rwf.ub06septjo.online/css/ 9 KB
2 KB 109ms
107ms Stylesheet
text/css 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/css/3.css

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754e65bf08e78aeb9a0dd4ebf21d177f45eb618506472a05f9bc159c2d071893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 22 May 2021 22:51:52 GMT
server: cloudflare
etag: W/"60a98b08-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RJsTwyQo4Vac4HvnjkgpgzAcQomCH7WTFfKZOlHvfgImgW81xaBcwVwFgnHBNEpAxKsO5SO8ohIwE2okR8zSaB2kAgAJB%2FGzMEsyCiqlDCW24ry3i0I6zbD3X6QGswpzF%2B2OsCI34lM5rRY0yxQee%2BPt6UOYj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f200f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 4.css
r41rwf.ub06septjo.online/css/ 5 KB
1 KB 51ms
49ms Stylesheet
text/css 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/css/4.css

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bca156258dfccbcc54e22c3296933d59fbacb52309ec728d0061169113ca6d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:51:28 GMT
server: cloudflare
etag: W/"6000aed0-124c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3LL%2FZcWt83OnfXz8MIZHXyjG7XNjxtOFhrGcrLDlKNp8Sjhj3hasBJ7fncEoiFfn5I1%2BKNaeUM8BXCzMhjqgdJSGaR%2Fa1hHn01W%2FHJx59iiS93WWmQERCMxpVLXJFROvEcmfChK%2B34aUcz2t2DhQJz7w88jQ4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f230f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 5.css
r41rwf.ub06septjo.online/css/ 7 KB
2 KB 119ms
118ms Stylesheet
text/css 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/css/5.css

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d592f1c585062f14b5c94145f916377badda3351026d67a5c96f95f8a6885472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:51:28 GMT
server: cloudflare
etag: W/"6000aed0-1a9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CUU32aRW4iGGSuA2AFarT4FN%2FLfwrQcKAI%2FceylPYG2d8VIxncnn97VCeuK8lWkohGkxFSJogqUqCLkr66kqUprqRgVO661%2B%2BKTaRBMx%2BK6roDwT8E29BWPl7E9oZBczWkRyaoyQgqDKOW1U%2FToe5MZ8Bapj4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f240f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 2.fancybox.min.css
r41rwf.ub06septjo.online/css/ 12 KB
3 KB 113ms
112ms Stylesheet
text/css 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/css/2.fancybox.min.css

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:51:28 GMT
server: cloudflare
etag: W/"6000aed0-31fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZii8gDDk5LxApLb1Rv5utRN%2BON0bmJDlLGHiRnd%2FBOWt7lwYZp2aEtNHOJFxm6BbVDf0L6MWodhJ3lKn2RuwvUCHQ%2BquUyxBYREn%2Bj0Uhn%2BKmd0yJiMw03hH8m860y3eUi0UXzxkaH1jUtzBUgReLyzHOmpyXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f270f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 banner.jpg
r41rwf.ub06septjo.online/img/ 67 KB
68 KB 159ms
156ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/banner.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c34f5e9aaad998328f956aa77088744d8a23d7f9737734e910fabca0e39c8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68757
last-modified: Thu, 14 Jan 2021 20:51:40 GMT
server: cloudflare
etag: "6000aedc-10c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eroXLIb4yunrEDI0PbjE%2B%2F%2BdErHSidMiwOSTUvKojMazaxCwjtNj5eeQSQCFkK%2F0f3SbZV7a3zx0tHaGZefcIBjQ91%2Fh%2FBJcJoZAdZmdq6MFYL7CBTd6ozJmNh7sNT2BZQWafrb5grtgbiXRYh1%2BFrBmgedw6DE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d7f3b0f5a-MXP

GET
H2 200 review1.jpg
r41rwf.ub06septjo.online/img/ 16 KB
17 KB 139ms
136ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review1.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f924ab142038299989753ac3d71404cfe063943d66042286ef75b690aea090af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16781
last-modified: Thu, 14 Jan 2021 20:51:46 GMT
server: cloudflare
etag: "6000aee2-418d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nh196p5G7%2B5rQlx95fXO0zCwQUIUVcEoquXPu%2FgnJLzNCYjYEUkHAePzWXtxfjhj8GVPIDuHJ0oOPNGZUXqF02c1B3JexS4980rJ%2F5fSr9CHlV3VLV%2BbMvmolwl810Ba%2F6fti8d5taHOVlHZFIobpxIEHyC19iA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d7f420f5a-MXP

GET
H2 200 review2.jpg
r41rwf.ub06septjo.online/img/ 18 KB
19 KB 130ms
127ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review2.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a83df4a7309a8f8ad024b0d6fee08b8e79cc7011f5b088ded469746b6f0c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18638
last-modified: Thu, 14 Jan 2021 20:51:46 GMT
server: cloudflare
etag: "6000aee2-48ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBmqJqod%2B78NGhdbVHo0voc2P199YsjR8wvb1EE1%2FyaCQ265dMUbrPkIuSaSh0zqmdfS%2FjzAJ8mJYTwHD28Rne3u7WFBPrhXfiIEQnAb2BQN%2FCVWJse2roC4qKD8UOGADJFNiWjzrlH%2BTYBb514rMMMN2SM3Fgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f480f5a-MXP

GET
H2 200 review3.jpg
r41rwf.ub06septjo.online/img/ 19 KB
19 KB 139ms
136ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review3.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90dc040e27d8efc25e5a351917c6693382ac776b32500fbb14496acd877478cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19218
last-modified: Thu, 14 Jan 2021 20:51:46 GMT
server: cloudflare
etag: "6000aee2-4b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ah6AEqMSQZkklOjvPr%2B8pNh5egQjn80FAhqJsgUcklcDyuVnrFQyu9XUOkf1dcrQpJkS2u8t3mWHRAX99iDdo0Q7uKqVwbzlygXgpt4JTYK%2F47ujNVKLVvXy%2F1ID2llmGI%2BDEBXP5%2FiLZ1fWPL6I4x0UzveSbeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f4d0f5a-MXP

GET
H2 200 review4.jpg
r41rwf.ub06septjo.online/img/ 18 KB
18 KB 87ms
84ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review4.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351327e5d21915e5fa7618afe7c7c1b2ab9d858540f65fd46d004d4dbd17b7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17965
last-modified: Thu, 14 Jan 2021 20:51:46 GMT
server: cloudflare
etag: "6000aee2-462d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPzbDEtB5nALeMxxDPVX5qu8QjOMHyuJe3ujGCjID6vo6nCBkHYDHw5Sce3hATbZPk%2BnpId3zLmttPng%2FhhQCnRgoXDOpIg5xxsebVVSX4U177QyqEob1g%2B3qOWDa%2FO0xu2RSTJaOBTe2JrhehO1qs%2BHAPZ5Uj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f520f5a-MXP

GET
H2 200 review5.jpg
r41rwf.ub06septjo.online/img/ 17 KB
18 KB 139ms
137ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review5.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b8831cce99974b177dee9dcf96f06c9f1d8b2e7cf67108d8b64f18526649b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17831
last-modified: Thu, 14 Jan 2021 20:51:48 GMT
server: cloudflare
etag: "6000aee4-45a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmFmwN9w9CUcemvKJfvmY6FJzAuvqOdD8%2FV1UMbXNZE3wCK22kuP7m5kz4xPkxGuWoDII112%2BdfI4BlKY3Z6veGAuuKifJSz9dw1tz0oLggwDL635FFpIg1N3BPf3MMgt6m1fwxtwDYDzQm03DTgUtd2di0WJ%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f550f5a-MXP

GET
H2 200 review6.jpg
r41rwf.ub06septjo.online/img/ 15 KB
15 KB 138ms
137ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review6.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c808f3988b301376617c0edaafc9cb7f91aed64d416aae5aa3276b173e34c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15387
last-modified: Thu, 14 Jan 2021 20:51:48 GMT
server: cloudflare
etag: "6000aee4-3c1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJwERQ6F4KZ35vzKGkbTV9ZAs%2FbFmx1IAajPhrWq9P0xGC8cFGSZN0TI58%2F8mxO6y0EL43o4nFANG8U0Uu7zbhkjcOQDcG%2FDnpkxvoZQNhBwYUpCoc0xHAVcOeA84eswEsGnPEFKp2YRApl%2F2m7Tar%2BdG5ME3D0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f5a0f5a-MXP

GET
H2 200 review7.jpg
r41rwf.ub06septjo.online/img/ 14 KB
15 KB 136ms
134ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/review7.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d10d412fdd410262de255c6027dfa1d93c639f071c4f62ab9bb52443d9e751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14835
last-modified: Thu, 14 Jan 2021 20:51:48 GMT
server: cloudflare
etag: "6000aee4-39f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2au1FrhYn%2Br1cqpCzgjB6zJMpX3UsDkKk3Sxuux69156kGWMgKZ34F0lx5mUZODJbzGppsiyNiLJJ82WrneQ9%2Bjk76pJI94kIHAnHXg8LtH7R8jrp%2FCMSHWPEdFACs3DjQ3w2CDT5BKhblh0pwr0ShY7ubbChY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681d8f5c0f5a-MXP

GET
H2 200 email-decode.min.js Show response
r41rwf.ub06septjo.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 28ms
24ms Script
application/javascript 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Dec 2021 16:45:16 GMT
server: cloudflare
etag: W/"61b0e11c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9O5ptYmGHqqr7jw2DCcT%2FnnMI9V7RPBdOBpvwQDQlFGKdw2zdM%2FaXrpBVgQ%2FlNMdrqxSNs1Lmq0BYIg9UWd77VF8Q5%2Br0PxxG9laCbdDB1e6AmDmunGtYJ1AS4ZSIyX14UHXJeIfkjnVhP05%2FB3e8qi1A97pezg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd2681d7f2b0f5a-MXP
vary: Accept-Encoding
expires: Wed, 15 Dec 2021 21:50:12 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 36ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://r41rwf.ub06septjo.online/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1111d"
vary: Accept-Encoding
x-hw: 1639432212.dop055.fr8.t,1639432212.cds274.fr8.hn,1639432212.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 65ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://r41rwf.ub06septjo.online/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2257635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX9Lik5DGxuynhwqihbDgw1%2FUdMoncb0mjCUsUW6PvB%2FvIwqAkzW3pL43RU4FmZlgx0NqZNCv7W2t6BzNoL2EbERJgQM1FBFQPpYg9yvra1WnGYyjy4%2B2t8lRdWuZYS2rwznuR2kYUWxYnykJ6MZ9M3q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bd2681dbbc30e22-MXP
expires: Sat, 03 Dec 2022 21:50:12 GMT

GET
H2 200 1.min.js Show response
r41rwf.ub06septjo.online/js/ 57 KB
16 KB 139ms
136ms Script
application/javascript 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/js/1.min.js

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:49:52 GMT
server: cloudflare
etag: W/"6000ae70-e2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8aX8O4vz6NsKo9P%2B3Lylc2DkjBUoyR3F7YgTVeSPt3LiqF5tHu2MVgCOGVFb2Ly7pb3og2%2FzlMEr1WhUA0OYJ40xEe4GB5Fh80vqM3VBwwMkUSxOpyzGMJL6jJKDJxRumVW7RYOBkE%2F%2F2u3Pz5xCBFxeEezbaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f310f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 2.fancybox.min.js Show response
r41rwf.ub06septjo.online/js/ 67 KB
22 KB 139ms
136ms Script
application/javascript 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r41rwf.ub06septjo.online/js/2.fancybox.min.js

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Jan 2021 20:49:52 GMT
server: cloudflare
etag: W/"6000ae70-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu1XmFALFGfR2hxYXGmycFIwuepMuvbchj7x%2FiVFMvdAMbeEfIaWvLfYvGKerWLviJT2llVMS%2BcoCIJQ2EVkO4KBatqLt2SxhzqTMnISg81pqets6mArsQ2xQvaJL3pMgWLQ5ZVl1zmwjw2getHliFEGILiqOJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000;
cf-ray: 6bd2681d7f360f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 _bu4VPNe8_U Show response
www.youtube.com/embed/ Frame 80AA 61 KB
26 KB 73ms
49ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/?hid=62ofu0mv_jj3a4q3bgse&e=1639432211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b76d712823bc0c98d4a9433cfd3e887835cd527d6b80ebd02f7a7c796fc83d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Dec 2021 21:50:12 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/dc05ba20/ Frame 80AA 336 KB
46 KB 24ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a60f87be1660d3c4bf03b11841588befcde06d1df82239f2c349a42d7639d232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 01:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47258
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Dec 2022 01:05:32 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/dc05ba20/www-embed-player.vflset/ Frame 80AA 219 KB
71 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d64528c6fc3976f876b181c1ee71805228e861c874c884331fb23da005054292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 11:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73180
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Dec 2022 11:29:56 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/ Frame 80AA 2 MB
528 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be89be4e302e91746d933d682ba89c4bb75975533583b1f2f2c45fecee48562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 21:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 540238
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 12 Dec 2022 21:15:49 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/dc05ba20/fetch-polyfill.vflset/ Frame 80AA 8 KB
3 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 07:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Dec 2022 07:03:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80AA 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 556327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H3 200 vk.svg
r41rwf.ub06septjo.online/img/ 966 B
1 KB 49ms
48ms Image
image/svg+xml 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/vk.svg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/css/3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/css/3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Jan 2021 20:51:48 GMT
server: cloudflare
etag: W/"6000aee4-3c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=632W0ct%2B40Gv6yAQHUECzRk%2BQAhQguo6P6%2BKJzaU1e%2FrO6WbERMMoN5buLwIIFNAvTjkiS0HMJ7mSGL1nXj%2BpYT%2FiM7cNgG7LoyExcynMoFDbddW9hHfsBthwoA8XT4Z0%2FA0t%2BVqBZ0NXNSXNJcwkyOC7NBodas%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6bd2681e6b835a37-MXP

GET
H3 200 facebook.svg
r41rwf.ub06septjo.online/img/ 287 B
873 B 49ms
49ms Image
image/svg+xml 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/facebook.svg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/css/3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/css/3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Jan 2021 20:51:42 GMT
server: cloudflare
etag: W/"6000aede-11f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBMRC%2Fxml7j1j1diKqDJGhcrKAYE5zqEm2SO8PAXTBq18%2FRivjmxaPF7lWubg8TGp5nC04uNGNBKyJyEpq98HllFHV%2F%2FyQlkwKSCqCSSDSayMoVhRqeHBqcxl5qqdygHnoQs1bQTvhd9GZ172Bn%2BeD%2B%2BnX5tUak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6bd2681e6b8a5a37-MXP

GET
H3 200 od.svg
r41rwf.ub06septjo.online/img/ 623 B
924 B 50ms
49ms Image
image/svg+xml 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/od.svg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/css/3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/css/3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Jan 2021 20:51:44 GMT
server: cloudflare
etag: W/"6000aee0-26f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NHwK3R4JdGWur3MKM1Z%2FKKtT4jkNrUKbs7tl5wZniRddSVqWJyjdlcpRvtGTbCITN2G1z8LiCzb6UWxe7sFn5f3dCl43sDW578rRIiTf4ux7HLB7xEv1umvIBKZrNY74C%2F9bSHzqB4ugeDETbY9Cr6OYP2%2FAvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6bd2681e6b8f5a37-MXP

GET
H3 200 message.jpg
r41rwf.ub06septjo.online/img/ 4 KB
5 KB 52ms
52ms Image
image/jpeg 2606:4700:3037::6815:25d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://r41rwf.ub06septjo.online/img/message.jpg

Requested by

Host: r41rwf.ub06septjo.online
URL: https://r41rwf.ub06septjo.online/css/3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:25d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd19f0e172e9bcaff7f4bec3444ef43d1e787b4a01550a44a537b206cf884a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://r41rwf.ub06septjo.online/css/3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4217
last-modified: Thu, 14 Jan 2021 20:51:42 GMT
server: cloudflare
etag: "6000aede-1079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l30GlmnpNS4wRdzzbrc%2Bi7kDb98mTbiITb2PwoKjf9lwYbgQrG2KcaAFuccNfUUdSrgJ2NnfUt7q3va7HYBGXR9lIWE0TGd75wVD4n%2FtyqcPBtIm4DbHVLHdaadhsScBl8sI1Z%2FXu9xoSUY%2B6bVbIJSKCbQzGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bd2681e6b965a37-MXP

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2
fonts.gstatic.com/s/montserrat/v18/ 12 KB
12 KB 56ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3g3D_u50.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 18:08:49 GMT
x-content-type-options: nosniff
age: 531683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12228
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 18:08:49 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 47ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700,800,900&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:44:42 GMT
x-content-type-options: nosniff
age: 313530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 06:44:42 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 12:42:17 GMT
x-content-type-options: nosniff
age: 205675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 11 Dec 2022 12:42:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 31ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 524537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:55 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 25ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 503766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 35ms
31ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 20:14:30 GMT
x-content-type-options: nosniff
age: 437742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 20:14:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 469655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 11:22:37 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://r41rwf.ub06septjo.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 06:27:20 GMT
x-content-type-options: nosniff
age: 314572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9500
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 06:27:20 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 80AA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

65ms
50ms

XHR
application/json

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a46884e594808c80391a35f262b46f549a859c8224582770b61f9951ac4a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 13 Dec 2021 21:50:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 80AA 29 B
588 B 57ms
24ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:35:15 GMT
x-content-type-options: nosniff
age: 897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 21:50:15 GMT

GET
H2 200 rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js Show response
www.google.com/js/th/ Frame 80AA 35 KB
14 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/rWCfdBK9hkr-GeLj9QRuCso3BFcjlApMhGl7nQ6MSRw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 11:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 125062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13412
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 11:05:50 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/ Frame 80AA 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee395a6e77d3ac6c8a619991b8e599d593b6cda70305240b83fbfb9e0e444de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7359
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Dec 2022 03:29:13 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 80AA 81 KB
21 KB 118ms
117ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08c77d80f2e4e7c4bc913c2ff67c5f6341e87cc4fe83bba932b9f429d5eb6454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211208.02.02
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: Cgs5SE9JTDN0cDh3cyiUgN-NBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21245
x-xss-protection: 0
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
DATA 200
OK truncated
/ Frame 80AA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQ0G-7gqoyOKXO13rE0dx8locDFZf2Jxc6ioJeq=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 80AA 3 KB
4 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ0G-7gqoyOKXO13rE0dx8locDFZf2Jxc6ioJeq=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b21cf98827b3e844ecdccf169d47f2ff057b1d010ed2bf98f421ed39a91b0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:32:00 GMT
x-content-type-options: nosniff
age: 1092
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3564
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 07 Dec 2021 00:03:53 GMT

GET
DATA 200
OK truncated
/ Frame 80AA 339 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5454260cb57fed502b6c52bd5d11d70b142ff51260e62c6ed740738c908b783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 80AA 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:51:54 GMT
x-content-type-options: nosniff
age: 518298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 21:51:54 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 80AA 0
9 B 14ms
13ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7UJ8pg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 80AA 0
19 B 15ms
15ms Ping
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=E0wFeH3kp_VHuTq_&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24091243%2C24102120%2C24126456%2C24129402%2C24129451%2C24141079&cl=415375748&seq=1&event=streamingstats&docid=_bu4VPNe8_U&ei=FMC3YdfPH8jUgAe0wYpw&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211208.02.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.178:B,0.178:B&cmt=0.009:0.000,0.178:0.000&afs=0.177:251::i&vfs=0.178:243:243::r&view=0.178:600:460&bwe=0.178:130000&bat=0.178:1:1&vis=0.178:0&bh=0.178:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 21:50:12 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 66 KB
67 KB 131ms
87ms XHR
video/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1639453812&ei=FMC3YdfPH8jUgAe0wYpw&ip=2001%3Aac8%3A20%3A90%3A13a%3A%3A1&id=o-AJcDLibq2Z-sORo9BGuX3RAygz2dwuUXImihWKXDYnkR&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=bE&mm=31%2C29&mn=sn-4g5lznez%2Csn-4g5ednsz&ms=au%2Crdu&mv=m&mvi=2&pl=54&initcwndbps=663750&vprv=1&mime=video%2Fwebm&ns=pJmjLBDOOi5PjmXXURwXGRwG&gir=yes&clen=5658546&dur=695.333&lmt=1543939200329562&mt=1639431893&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5535432&n=sMEbWrGnIcvmQw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANhWpsXcFh8UB5IHQXSAFHDM45rBe0h1TtZuHhSIXY_PAiBdwqG_K2snEaAuhWfLtQnndnhXBRGdOaEbdTsXs-MoeQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAIxKTQn_wjQvfh0GBzglc90QJ3OAPoKplOt4DRwTGNUVAiEA792kxcZ0sCctgGu5cb3seF3FF0JnqXwT3C0fZIixt6Y%3D&alr=yes&cpn=E0wFeH3kp_VHuTq_&cver=1.20211208.02.02&range=0-67990&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d8bf363a49c03e36d50445132a89bafe27ad8f30c048ba0d149c3c79e4da6e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 21:50:12 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 67991
Last-Modified: Tue, 04 Dec 2018 16:00:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 65 KB
66 KB 112ms
69ms XHR
audio/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1639453812&ei=FMC3YdfPH8jUgAe0wYpw&ip=2001%3Aac8%3A20%3A90%3A13a%3A%3A1&id=o-AJcDLibq2Z-sORo9BGuX3RAygz2dwuUXImihWKXDYnkR&itag=251&source=youtube&requiressl=yes&mh=bE&mm=31%2C29&mn=sn-4g5lznez%2Csn-4g5ednsz&ms=au%2Crdu&mv=m&mvi=2&pl=54&initcwndbps=663750&vprv=1&mime=audio%2Fwebm&ns=pJmjLBDOOi5PjmXXURwXGRwG&gir=yes&clen=11686344&dur=695.381&lmt=1543939900709121&mt=1639431893&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=sMEbWrGnIcvmQw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDREv_N30Ry-4A6PyhZu_OkgPWhtdiaUu70ZMpKjTehMCIQC_8D05c7Y4qaPIKj44oQFpnasZNBmjky_ie5gKYGbERQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAIxKTQn_wjQvfh0GBzglc90QJ3OAPoKplOt4DRwTGNUVAiEA792kxcZ0sCctgGu5cb3seF3FF0JnqXwT3C0fZIixt6Y%3D&alr=yes&cpn=E0wFeH3kp_VHuTq_&cver=1.20211208.02.02&range=0-66981&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b9b7d4309b46e1b1c18d48fd1ceb2fc5d18245a7f655af759281aad1b97dbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 21:50:12 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66982
Last-Modified: Tue, 04 Dec 2018 16:11:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/ Frame 80AA 94 KB
29 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a0c1c1dc7463f88eda873b74aa205732438c909c005b110f505bf8436fe3472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29837
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Dec 2022 03:24:56 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/ Frame 80AA 64 KB
24 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db84df7efc08d18fee51dec5b88cb91bb640172437b6f29184407485ef87d16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24502
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Dec 2022 03:24:56 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/ Frame 80AA 26 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a96e868dc4629816767c6deac1ac15e1b4481d2c9082f1fefaff837eb658947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 03:25:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 325507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7235
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Dec 2022 03:25:05 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 80AA 5 KB
1 KB 142ms
141ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63db0892f3e38553a2c87c81506825bcddc2362cd886cf8487894940566c9a1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211208.02.02
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: Cgs5SE9JTDN0cDh3cyiUgN-NBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1390
x-xss-protection: 0
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/_bu4VPNe8_U/ Frame 80AA 23 KB
23 KB 30ms
7ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/_bu4VPNe8_U/sddefault.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0cb43e1d1f20d3c0b83a712b7397608d902877fe12021fbf0e0d5128d6f9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:32:00 GMT
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23180
x-xss-protection: 0
server: sffe
etag: "1551351799"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Dec 2021 23:32:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 80AA 4 KB
3 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 80AA 52 KB
15 KB 51ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 12:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 14 Dec 2021 12:40:30 GMT

GET
H3 200 videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 71 KB
71 KB 18ms
8ms XHR
audio/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1639453812&ei=FMC3YdfPH8jUgAe0wYpw&ip=2001%3Aac8%3A20%3A90%3A13a%3A%3A1&id=o-AJcDLibq2Z-sORo9BGuX3RAygz2dwuUXImihWKXDYnkR&itag=251&source=youtube&requiressl=yes&mh=bE&mm=31%2C29&mn=sn-4g5lznez%2Csn-4g5ednsz&ms=au%2Crdu&mv=m&mvi=2&pl=54&initcwndbps=663750&vprv=1&mime=audio%2Fwebm&ns=pJmjLBDOOi5PjmXXURwXGRwG&gir=yes&clen=11686344&dur=695.381&lmt=1543939900709121&mt=1639431893&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=sMEbWrGnIcvmQw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDREv_N30Ry-4A6PyhZu_OkgPWhtdiaUu70ZMpKjTehMCIQC_8D05c7Y4qaPIKj44oQFpnasZNBmjky_ie5gKYGbERQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAIxKTQn_wjQvfh0GBzglc90QJ3OAPoKplOt4DRwTGNUVAiEA792kxcZ0sCctgGu5cb3seF3FF0JnqXwT3C0fZIixt6Y%3D&alr=yes&cpn=E0wFeH3kp_VHuTq_&cver=1.20211208.02.02&range=66982-139953&rn=3&rbuf=3795

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

163d5ccbfa640e18c376f8dd47645161ce9d8a8275dca566289c3e18299cba69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72972
client-protocol: quic
last-modified: Tue, 04 Dec 2018 16:11:40 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H3 200 videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 74 KB
74 KB 9ms
9ms XHR
video/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3dc1f5248f8073e4183a70e89569f1875633fa5f0af61281b689d197220da5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75701
client-protocol: quic
last-modified: Tue, 04 Dec 2018 16:00:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H3 200 videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 151 KB
151 KB 9ms
8ms XHR
audio/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lznez.googlevideo.com/videoplayback?expire=1639453812&ei=FMC3YdfPH8jUgAe0wYpw&ip=2001%3Aac8%3A20%3A90%3A13a%3A%3A1&id=o-AJcDLibq2Z-sORo9BGuX3RAygz2dwuUXImihWKXDYnkR&itag=251&source=youtube&requiressl=yes&mh=bE&mm=31%2C29&mn=sn-4g5lznez%2Csn-4g5ednsz&ms=au%2Crdu&mv=m&mvi=2&pl=54&initcwndbps=663750&vprv=1&mime=audio%2Fwebm&ns=pJmjLBDOOi5PjmXXURwXGRwG&gir=yes&clen=11686344&dur=695.381&lmt=1543939900709121&mt=1639431893&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=sMEbWrGnIcvmQw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDREv_N30Ry-4A6PyhZu_OkgPWhtdiaUu70ZMpKjTehMCIQC_8D05c7Y4qaPIKj44oQFpnasZNBmjky_ie5gKYGbERQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAIxKTQn_wjQvfh0GBzglc90QJ3OAPoKplOt4DRwTGNUVAiEA792kxcZ0sCctgGu5cb3seF3FF0JnqXwT3C0fZIixt6Y%3D&alr=yes&cpn=E0wFeH3kp_VHuTq_&cver=1.20211208.02.02&range=139954-294176&rn=5&rbuf=8022

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0feeac8c2082ade4fcd1c00abf6d73c155e6aeab2c1463711ce624c53ff0012f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:12 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154223
client-protocol: quic
last-modified: Tue, 04 Dec 2018 16:11:40 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 13 Dec 2021 21:50:12 GMT

GET
H3 200 videoplayback Show response
r2---sn-4g5lznez.googlevideo.com/ Frame 80AA 190 KB
190 KB 8ms
7ms XHR
video/webm 2a00:1450:4001:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:11::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d9ed6b16158056d483b7cddcf31c2b8248f7fc2f99667aa6de274c0afacf30ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:50:14 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194914
client-protocol: quic
last-modified: Tue, 04 Dec 2018 16:00:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 13 Dec 2021 21:50:14 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 80AA 28 B
54 B 26ms
26ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/dc05ba20/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_bu4VPNe8_U?rel=0&autoplay=1
X-YouTube-Client-Version: 1.20211208.02.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs5SE9JTDN0cDh3cyiUgN-NBg%3D%3D
X-YouTube-Ad-Signals: dt=1639432212314&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C460&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 13 Dec 2021 21:50:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 13 Dec 2021 21:50:14 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 03:43:04	Name: _bit Value: lbdlOb-914cf4fc418313f1d9-00y
r3zl3u.ze06oktlnk.online/	1970-01-19 23:45:28	Name: d1an_sc_data Value: 62212c5406aa9041522c255c28a71d7a
r3zl3u.ze06oktlnk.online/	1970-01-19 23:45:28	Name: d1an_sc_hash Value: 62ofu0mv_jj3a4q3bgse
r41rwf.ub06septjo.online/	1970-01-19 23:28:11	Name: d Value: https%3A%2F%2Fr42eid.qwr2306pay.space
r41rwf.ub06septjo.online/	1970-01-19 23:28:11	Name: hash Value: 62ofu0mv_jj3a4q3bgse
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: JBd6yhmxeCs
.youtube.com/	1970-01-20 03:43:04	Name: VISITOR_INFO1_LIVE Value: 9HOIL3tp8ws

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
r2---sn-4g5lznez.googlevideo.com
r3zl3u.ze06oktlnk.online
r41rwf.ub06septjo.online
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2001:4de0:ac18::1:a:2a
2606:4700:3035::6815:31eb
2606:4700:3037::6815:25d1
2606:4700::6810:135e
2a00:1450:4001:11::7
2a00:1450:4001:808::200a
2a00:1450:4001:809::2016
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
67.199.248.10
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
08c77d80f2e4e7c4bc913c2ff67c5f6341e87cc4fe83bba932b9f429d5eb6454
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b9b7d4309b46e1b1c18d48fd1ceb2fc5d18245a7f655af759281aad1b97dbfb
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0feeac8c2082ade4fcd1c00abf6d73c155e6aeab2c1463711ce624c53ff0012f
163d5ccbfa640e18c376f8dd47645161ce9d8a8275dca566289c3e18299cba69
1ce6685465805e98dfd2b3633e74711102167bc0ae656c536ba35587c20aeba4
2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
2a0c1c1dc7463f88eda873b74aa205732438c909c005b110f505bf8436fe3472
2a96e868dc4629816767c6deac1ac15e1b4481d2c9082f1fefaff837eb658947
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34c808f3988b301376617c0edaafc9cb7f91aed64d416aae5aa3276b173e34c9
351327e5d21915e5fa7618afe7c7c1b2ab9d858540f65fd46d004d4dbd17b7dc
3dc1f5248f8073e4183a70e89569f1875633fa5f0af61281b689d197220da5da
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4be89be4e302e91746d933d682ba89c4bb75975533583b1f2f2c45fecee48562
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63db0892f3e38553a2c87c81506825bcddc2362cd886cf8487894940566c9a1f
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b76d712823bc0c98d4a9433cfd3e887835cd527d6b80ebd02f7a7c796fc83d3
6d10d412fdd410262de255c6027dfa1d93c639f071c4f62ab9bb52443d9e751b
754e65bf08e78aeb9a0dd4ebf21d177f45eb618506472a05f9bc159c2d071893
7c34f5e9aaad998328f956aa77088744d8a23d7f9737734e910fabca0e39c8af
8d0cb43e1d1f20d3c0b83a712b7397608d902877fe12021fbf0e0d5128d6f9e8
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8ee395a6e77d3ac6c8a619991b8e599d593b6cda70305240b83fbfb9e0e444de
90dc040e27d8efc25e5a351917c6693382ac776b32500fbb14496acd877478cd
9bd10e2952e1f6b115f0457835a9063ea0ef1c90ac331d181bb0fcf3dee74cd8
a60f87be1660d3c4bf03b11841588befcde06d1df82239f2c349a42d7639d232
ad609f7412bd864afe19e2e3f5046e0aca37045723940a4c84697b9d0e8c491c
b21cf98827b3e844ecdccf169d47f2ff057b1d010ed2bf98f421ed39a91b0d02
bca156258dfccbcc54e22c3296933d59fbacb52309ec728d0061169113ca6d53
c53d815362e2fa9f8a1a03a3fbb920e4c275c4b2b6a8a4f8108d927b169824a5
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd19f0e172e9bcaff7f4bec3444ef43d1e787b4a01550a44a537b206cf884a86
d5454260cb57fed502b6c52bd5d11d70b142ff51260e62c6ed740738c908b783
d592f1c585062f14b5c94145f916377badda3351026d67a5c96f95f8a6885472
d64528c6fc3976f876b181c1ee71805228e861c874c884331fb23da005054292
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8bf363a49c03e36d50445132a89bafe27ad8f30c048ba0d149c3c79e4da6e3f
d9a83df4a7309a8f8ad024b0d6fee08b8e79cc7011f5b088ded469746b6f0c66
d9ed6b16158056d483b7cddcf31c2b8248f7fc2f99667aa6de274c0afacf30ad
db84df7efc08d18fee51dec5b88cb91bb640172437b6f29184407485ef87d16d
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b8831cce99974b177dee9dcf96f06c9f1d8b2e7cf67108d8b64f18526649b1
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0a46884e594808c80391a35f262b46f549a859c8224582770b61f9951ac4a60
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
f924ab142038299989753ac3d71404cfe063943d66042286ef75b690aea090af
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e

r41rwf.ub06septjo.online Open in urlscan Pro 2606:4700:3037::6815:25d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

62 Requests

98 %HTTPS

93 %IPv6

13 Domains

15 Subdomains

14 IPs

3 Countries

1885 kBTransfer

4276 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

r41rwf.ub06septjo.online Open in urlscan Pro
2606:4700:3037::6815:25d1 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

14
IPs

3
Countries

1885 kB
Transfer

4276 kB
Size

7
Cookies

62 HTTP transactions
2 data transactions