Submitted URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Effective URL: https://411.owncutboy.live/flpouedo/?u=mhwp605&o=f36eruu&t=czms5&f=1&sid=t1~uyap1w5nxellu0pjsokdvusb&fp=ykn7JulrybUXMrvA%2B...
Submission: On October 04 via api from US — Scanned from US

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 32 HTTP transactions. The main IP is 141.94.19.38, located in and belongs to . The main domain is 411.owncutboy.live.
TLS certificate: Issued by R3 on September 25th 2022. Valid for: 3 months.
This is the only time 411.owncutboy.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
7 youtube.com | www.youtube.com — Cisco Umbrella Rank: 90 | 797 KB
5 sjezdcskb2019.cz | novemestopodsmrkem.sjezdcskb2019.cz | 9 KB
3 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 68; static.doubleclick.net — Cisco Umbrella Rank: 402 | 1 KB
3 gstatic.com | fonts.gstatic.com; www.gstatic.com Failed | 43 KB
2 winprize2022.click | winprize2022.click | 40 KB
2 yadro.ru | counter.yadro.ru — Cisco Umbrella Rank: 5532 | 1 KB
1 owncutboy.live | 411.owncutboy.live | 1 KB
1 google.com | www.google.com — Cisco Umbrella Rank: 19 | 14 KB
1 googleapis.com | jnn-pa.googleapis.com — Cisco Umbrella Rank: 336 |
0 ytimg.com Failed | i.ytimg.com Failed |
0 ggpht.com Failed | yt3.ggpht.com Failed |
0 Failed | |
Total: 32 requests, 12 domains
Domain | Requested by
7 www.youtube.com | novemestopodsmrkem.sjezdcskb2019.cz, www.youtube.com
5 novemestopodsmrkem.sjezdcskb2019.cz | novemestopodsmrkem.sjezdcskb2019.cz
3 fonts.gstatic.com | www.youtube.com
2 googleads.g.doubleclick.net (1 redirects) | www.youtube.com
2 winprize2022.click | novemestopodsmrkem.sjezdcskb2019.cz, winprize2022.click
2 counter.yadro.ru (1 redirects) |
1 411.owncutboy.live | winprize2022.click, 411.owncutboy.live
1 www.google.com | www.youtube.com
1 jnn-pa.googleapis.com | www.youtube.com
1 static.doubleclick.net | www.youtube.com
0 www.gstatic.com Failed | www.youtube.com
0 i.ytimg.com Failed | www.youtube.com
0 yt3.ggpht.com Failed | www.youtube.com
0 Failed | novemestopodsmrkem.sjezdcskb2019.cz
Total: 32 requests, 14 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.sjezdcskb2019.cz | E1 | 2022-08-13 - 2022-11-11 | 3 months
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
winprize2022.click | R3 | 2022-08-11 - 2022-11-09 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.owncutboy.live | R3 | 2022-09-25 - 2022-12-24 | 3 months

This page contains 3 frames:

Frame: https://411.owncutboy.live/web/?sid=t1~uyap1w5nxellu0pjsokdvusb
Frame ID: 972C7F39D2321634FC78B9C82BE80C44
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Np8CRTz9tNA
Frame ID: 8E5188D0F505F71EB6EE298DE77FD535
Requests: 21 HTTP requests in this frame

Frame: https://winprize2022.click/media/mainstream/frame.html
Frame ID: A96529F7522517D32D81DB8C2FCB0532
Requests: 1 HTTP requests in this frame

Page Statistics

32 Requests
63 % HTTPS
70 % IPv6
12 Domains
14 Subdomains
11 IPs
3 Countries
906 kB Transfer
3096 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://novemestopodsmrkem.sjezdcskb2019.cz/ Page URL
  2. https://winprize2022.click/?u=mhwp605&o=f36eruu&t=czms5 Page URL
  3. https://411.owncutboy.live/flpouedo/?u=mhwp605&o=f36eruu&t=czms5&f=1&sid=t1~uyap1w5nxellu0pjsokdvusb&fp... Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://counter.yadro.ru/hit;czms5?t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465 HTTP 302
  • https://counter.yadro.ru/hit;czms5?q;t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465
Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
novemestopodsmrkem.sjezdcskb2019.cz/
13 KB
6 KB
Document
General
Full URL
http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:86f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c102f44d07b073bc8fc35aaa74e78d1bf1a20d23998fb84266ca96574517ed4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
754d9faf19a5da1f-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Language
cs
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Oct 2022 11:37:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyPq%2F%2FkHTSf2WGEwSjd%2BSrFHC4RMiPVASfm7bqAg8LdXzQfq%2BhvChM%2Bj9V8IqFtRNr%2BR%2F%2BxTgJBJ8zvl13cIb1KusdfCmMvDEt49aLWeKtfHwRmL98JEirLkjTvn2X7GHyKXhVLou99kcszDjrk8m93%2BHF411I0BN1klm2sqYY6vsw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e601961e568587c02517ef542b648af4866e8fa329c6c565f974cfa54623a9d7
/
0
0

email-decode.min.js
novemestopodsmrkem.sjezdcskb2019.cz/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://novemestopodsmrkem.sjezdcskb2019.cz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:86f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:37:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Sep 2022 11:11:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633188f8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUrzWS%2F6pUgj1WE5%2B%2FA1hkyd%2FDIdi9JqD5Lm6LDP5yh5E5dDHz1w7lLHtBL%2BPpNNR64%2BaAnkYCEZkiBe5WewSD5MkCTKvfHH7OntYWj2k1sjjLDQ7dQncMJ8ijctVzan6Uf9JVbsld%2Ff4rM0pbzt1Z8gbFPWRb%2FNIsE%2Bg%2BlIoeRkVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
754d9fb07d1367cf-MIA
expires
Thu, 06 Oct 2022 11:37:07 GMT
huyoxxs.js
novemestopodsmrkem.sjezdcskb2019.cz/
1020 B
972 B
Script
General
Full URL
https://novemestopodsmrkem.sjezdcskb2019.cz/huyoxxs.js?0.45379034503109694&q=VWthemt5IGd5bW5heml1bSBqLm0uaHVyYmFuYSBvc2Vtcm9jbmU=
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:86f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
006a448d9da399a2da2347c816ee0bb912e060683e1059e80263c5ad34fa785b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:37:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Oct 2022 11:37:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqs4rcaC9IchF1A594XBBAAQMXYY3yyVwScF6XbviXsVHsPaZFjdjxGsAi8%2BByBODwqFVN2dgA8sQB5HIrRfLifo%2FK%2FOayR6ieWlHAJd44hc25LZ9E%2Fn1A4E%2BijpeV7bRR5JOc5bBmtad0XYgq9vC%2B860djK%2FPSyMxipNyQMbaDrqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
754d9fb07d1567cf-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Np8CRTz9tNA
www.youtube.com/embed/ Frame 8E51
68 KB
28 KB
Document
General
Full URL
https://www.youtube.com/embed/Np8CRTz9tNA
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d424f1ac60b0b4a8ddf4fcd2df68fd9897528f6c2ad7d91480a2c22ae55eafd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 04 Oct 2022 11:37:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
hit;czms5
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;czms5?t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465
  • https://counter.yadro.ru/hit;czms5?q;t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465
132 B
618 B
Image
General
Full URL
https://counter.yadro.ru/hit;czms5?q;t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 11:37:08 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
132
Expires
Sun, 03 Oct 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 04 Oct 2022 11:37:08 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit;czms5?q;t44.6;r;s1600*1200*24;uhttp%3A//novemestopodsmrkem.sjezdcskb2019.cz/;hUkazky%20gymnazium%20j.m.hurbana%20osemrocne%20sjezdcskb2019.cz;0.6251180816879465
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 03 Oct 2021 21:00:00 GMT
nasbwaz.gif
novemestopodsmrkem.sjezdcskb2019.cz/
0
0
Image
General
Full URL
https://novemestopodsmrkem.sjezdcskb2019.cz/nasbwaz.gif?ref=&url=http%3A//novemestopodsmrkem.sjezdcskb2019.cz/&scr=1600x1200&q=1664883427&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/106.0.5249.91%20Safari/537.36&0.9636759919216458
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:86f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

www-player.css
www.youtube.com/s/player/374003a5/ Frame 8E51
360 KB
49 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/374003a5/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:16:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
76867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50019
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:16:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8E51
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:41:34 GMT
x-content-type-options
nosniff
age
604534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8E51
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
349950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Sep 2023 10:24:38 GMT
www-embed-player.js
www.youtube.com/s/player/374003a5/www-embed-player.vflset/ Frame 8E51
305 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/374003a5/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
74921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97205
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:27 GMT
base.js
www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/ Frame 8E51
2 MB
578 KB
Script
General
Full URL
https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:16:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
76867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
591773
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:16:01 GMT
fetch-polyfill.js
www.youtube.com/s/player/374003a5/fetch-polyfill.vflset/ Frame 8E51
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/374003a5/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
74921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:27 GMT
kulgkld.js
novemestopodsmrkem.sjezdcskb2019.cz/
519 B
865 B
XHR
General
Full URL
https://novemestopodsmrkem.sjezdcskb2019.cz/kulgkld.js?get=1&q=1664883427&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/106.0.5249.91%20Safari/537.36&0.7638902166993453
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: https://novemestopodsmrkem.sjezdcskb2019.cz/huyoxxs.js?0.45379034503109694&q=VWthemt5IGd5bW5heml1bSBqLm0uaHVyYmFuYSBvc2Vtcm9jbmU=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:86f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:37:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 04 Oct 2022 11:37:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWh%2F0XfAhHPtnCBvhjTdaIoslH0p01CzQcflkzucZbk06%2FPDZq0N8Nk7NqnfBP52v5wEop2QPtVAvPrHXupFvtpWHm42F2ZpwPbyd9utGA%2Fy%2FIntkVWqkBYzZyh2hUAmo6jPA360X%2Fh0Q89tFbfsy%2FGjt8h1ECiAG6d1mO2De%2B4QeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
754d9fb2e832ef1e-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
winprize2022.click/
88 KB
40 KB
Document
General
Full URL
https://winprize2022.click/?u=mhwp605&o=f36eruu&t=czms5
Requested by
Host: novemestopodsmrkem.sjezdcskb2019.cz
URL: http://novemestopodsmrkem.sjezdcskb2019.cz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.8.47.52 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS
cname-pl-vm03.texdom.org
Software
nginx /
Resource Hash
db8c85cba981d4ccf0248e7bdafe7e4ba1142e467ffcc64895fa6b1c896f9a20

Request headers

Referer
http://novemestopodsmrkem.sjezdcskb2019.cz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
40401
Content-Type
text/html
Date
Tue, 04 Oct 2022 11:37:09 GMT
Server
nginx
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
id
googleads.g.doubleclick.net/pagead/ Frame 8E51
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Server
2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 11:37:09 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8E51
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 11:27:16 GMT
x-content-type-options
nosniff
age
593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Oct 2022 11:42:16 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 04 Oct 2022 11:37:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8E51
0
0

remote.js
www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/ Frame 8E51
118 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:16:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
76867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:16:01 GMT
VM1LbcxuQZ7urdjSm15-Kft2IdlldgxYJTjOL3p1Mjw.js
www.google.com/js/th/ Frame 8E51
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/VM1LbcxuQZ7urdjSm15-Kft2IdlldgxYJTjOL3p1Mjw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 03:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
288440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14098
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Oct 2023 03:29:49 GMT
embed.js
www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/ Frame 8E51
25 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/Np8CRTz9tNA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
74921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8068
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:27 GMT
truncated
/ Frame 8E51
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu-JOii0PseUFJFt1NodhAIexUWr2zs8_p4-uw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8E51
0
0

sddefault.webp
i.ytimg.com/vi_webp/Np8CRTz9tNA/ Frame 8E51
0
0

KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8E51
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Np8CRTz9tNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 23:09:35 GMT
x-content-type-options
nosniff
age
390454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Sep 2023 23:09:35 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8E51
0
0

generate_204
www.youtube.com/ Frame 8E51
0
0

atr
www.youtube.com/api/stats/ Frame 8E51
0
0

log_event
www.youtube.com/youtubei/v1/ Frame 8E51
0
0

frame.html
winprize2022.click/media/mainstream/ Frame A965
39 B
320 B
Document
General
Full URL
https://winprize2022.click/media/mainstream/frame.html
Requested by
Host: winprize2022.click
URL: https://winprize2022.click/?u=mhwp605&o=f36eruu&t=czms5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.8.47.52 Haarlem, Netherlands, ASN35277 (LLHOST-INC-SRL, RO),
Reverse DNS
cname-pl-vm03.texdom.org
Software
nginx /
Resource Hash

Request headers

Referer
https://winprize2022.click/?u=mhwp605&o=f36eruu&t=czms5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-transform
Connection
keep-alive
Content-Length
39
Content-Type
text/html
Date
Tue, 04 Oct 2022 11:37:09 GMT
ETag
"60a50ff7-27"
Last-Modified
Wed, 19 May 2021 13:17:43 GMT
Server
nginx
Vary
Accept-Encoding
Primary Request /
411.owncutboy.live/flpouedo/
2 KB
1 KB
Document
General
Full URL
https://411.owncutboy.live/flpouedo/?u=mhwp605&o=f36eruu&t=czms5&f=1&sid=t1~uyap1w5nxellu0pjsokdvusb&fp=ykn7JulrybUXMrvA%2B...
Requested by
Host: winprize2022.click
URL: https://winprize2022.click/?u=mhwp605&o=f36eruu&t=czms5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.94.19.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://winprize2022.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
1095
Content-Type
text/html
Date
Tue, 04 Oct 2022 11:37:12 GMT
Server
nginx
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
/
411.owncutboy.live/web/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain:
URL: x-raw-image:///e601961e568587c02517ef542b648af4866e8fa329c6c565f974cfa54623a9d7
Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain: yt3.ggpht.com
URL: https://yt3.ggpht.com/ytc/AMLnZu-JOii0PseUFJFt1NodhAIexUWr2zs8_p4-uw=s68-c-k-c0x00ffffff-no-rj
Domain: i.ytimg.com
URL: https://i.ytimg.com/vi_webp/Np8CRTz9tNA/sddefault.webp
Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?Xtt2Gg
Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=EzKcskmCC-YoV8-Y&ver=2&cmt=0&fs=0&rt=0&euri=http%3A%2F%2Fnovemestopodsmrkem.sjezdcskb2019.cz%2F&lact=454&cl=478376401&mos=0&volume=100&cbr=Chrome&cbrver=106.0.5249.91&c=WEB_EMBEDDED_PLAYER&cver=1.20221002.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=en_US&cr=US&len=214&fexp=23848210%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24198082%2C24219382%2C24226335%2C24248385%2C24249176%2C24255165%2C24277989%2C24278546%2C24279627%2C24283280%2C24289901%2C24290131%2C24290147%2C24298640%2C24298651%2C39322399&muted=0&docid=Np8CRTz9tNA
Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Domain: 411.owncutboy.live
URL: https://411.owncutboy.live/web/?sid=t1~uyap1w5nxellu0pjsokdvusb


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 9s6fvmqc-2I
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: FgdmEqFZ_H8
.yadro.ru/ Name: FTID
Value: 1ZF1ha3HfPOP1ZF1ha001Rdl
.yadro.ru/ Name: VID
Value: 1kFAQi1AzMeP1ZF1ha0015YB
winprize2022.click/ Name: sid
Value: t1~uyap1w5nxellu0pjsokdvusb
winprize2022.click/ Name: p1
Value: https://owncutboy.live/flpouedo/
winprize2022.click/ Name: s1
Value: 0hbobuel6lw45ew4

2 Console Messages

Source Level URL
Text
network error URL: x-raw-image:///e601961e568587c02517ef542b648af4866e8fa329c6c565f974cfa54623a9d7
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: https://novemestopodsmrkem.sjezdcskb2019.cz/nasbwaz.gif?ref=&url=http%3A//novemestopodsmrkem.sjezdcskb2019.cz/&scr=1600x1200&q=1664883427&s=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/106.0.5249.91%20Safari/537.36&0.9636759919216458
Message:
Failed to load resource: the server responded with a status of 404 ()