urlscan.io logo urlscan.io
SecurityTrails logo

rock.brutaserwedpe.tk Open in urlscan Pro
2606:4700:3031::6815:5092  Public Scan

Go To Rescan Add Verdict Report
URL: https://rock.brutaserwedpe.tk/
Submission: On March 01 via api from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 14 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3031::6815:5092, located in United States and belongs to CLOUDFLARENET, US. The main domain is rock.brutaserwedpe.tk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 27th 2020. Valid for: a year.
This is the only time rock.brutaserwedpe.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3031::6815:5092 (United States)

ASN13335 (CLOUDFLARENET, US)
rock.brutaserwedpe.tk
2    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
netdna.bootstrapcdn.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a02:26f0:6c00:284::19fe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
images-americanas.b2w.io
1    2a03:b780:1:5:216:3eff:fe00:c1c (Czech Republic)

ASN198171 (HOSTING90 ===== UPSTREAM connectivity =====, CZ)
www.motelgilau.ro
1    31.222.66.68 (Cyprus)

ASN12678 (BADOO-U, CY)
pd1eu.badoocdn.com
1    89.35.160.42 (Romania)

ASN31554 (LANSOFT LANSOFT NETWORK, RO)
PTR: cdn.mediacx.com.160.35.89.in-addr.arpa
www.mediacx.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
9 www.youtube.com rock.brutaserwedpe.tk
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 netdna.bootstrapcdn.com rock.brutaserwedpe.tk
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 www.mediacx.com rock.brutaserwedpe.tk
1 pd1eu.badoocdn.com rock.brutaserwedpe.tk
1 www.motelgilau.ro rock.brutaserwedpe.tk
1 images-americanas.b2w.io rock.brutaserwedpe.tk
1 code.jquery.com rock.brutaserwedpe.tk
1 rock.brutaserwedpe.tk
0 static2.escorte.net Failed rock.brutaserwedpe.tk
0 static3.escorte.net Failed rock.brutaserwedpe.tk
26 17

This site contains links to these domains. Also see Links.

Domain
twitter.com
facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-27 -
2021-11-26		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
b2wdigital.com
DigiCert SHA2 Secure Server CA		 2021-02-02 -
2022-02-06		 a year crt.sh
*.hosting90.cz
RapidSSL RSA CA 2018		 2019-03-11 -
2020-05-09		 a year crt.sh
*.badoocdn.com
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
cdn.mediacx.com
R3		 2021-01-12 -
2021-04-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://rock.brutaserwedpe.tk/
Frame ID: 4F139C2C55C38CA91602EF3E6FB74621
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/whan2z5AtPA
Frame ID: A2B6693E2C77FA39673F917DA4B9C559
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

26
Requests

88 %
HTTPS

88 %
IPv6

14
Domains

17
Subdomains

17
IPs

6
Countries

1145 kB
Transfer

3055 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rock.brutaserwedpe.tk/ 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a291c979247965d262e0b61fd491e2b7c763fd63ae85cfc3740e00bcafd458

Request headers

:method
GET
:authority
rock.brutaserwedpe.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d97700a02293dbef12e172f1d2911bd6e1614628262; expires=Wed, 31-Mar-21 19:51:02 GMT; path=/; domain=.brutaserwedpe.tk; HttpOnly; SameSite=Lax ch1c=b
cf-cache-status
DYNAMIC
cf-request-id
0890f12a5500004dee1225d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TABuG32FB%2FwqP1%2BrB%2FZJ7Bz3itJiDR44NNJLBY61P0CDVPFlN%2FdSrUDZpa%2F2KyCrrib6ekZ48ol4rAmGG1scsYVKLYnE7DxnnWbpBhVmSz1fqJr1nbXCSugFneCEfe20HZo%3D"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
6294eaf088914dee-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.3.5/css/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19879
jquery.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery.js
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:02 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
W/"54499a48-4508e"
vary
Accept-Encoding
x-hw
1614628262.dop224.fr8.t,1614628262.cds240.fr8.hc,1614628262.cds051.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
bootstrap.min.js
netdna.bootstrapcdn.com/bootstrap/3.3.5/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9743
412898-TransDeea-0757962166_thumbnail.jpg
static3.escorte.net/103603/ 		0
0
399702-Lorena-0758903202_thumbnail.jpg
static2.escorte.net/100271/ 		0
0
1201511202_1GG.jpg
images-americanas.b2w.io/produtos/01/00/img/1201511/2/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-americanas.b2w.io/produtos/01/00/img/1201511/2/1201511202_1GG.jpg
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:284::19fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
27494f97b02af66fafb8db3c21b350f958c1cd174f9b8cb4432e9c6a03b24a25

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:02 GMT
last-modified
Mon, 01 Mar 2021 17:38:39 GMT
server
BIS
etag
72356e848d1afcd76e343357420152055329fcc830cc73acb2423fce75b51e32
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=604800
warning
38108
content-disposition
inline; filename="1201511202_1GG.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
54076
x-request-id
D5lvfwJvYHbnPgE8c-QDC
expires
Mon, 08 Mar 2021 19:51:02 GMT
Gilau-Locatie-5-of-5-960x379.jpg
www.motelgilau.ro/wp-content/uploads/2012/10/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.motelgilau.ro/wp-content/uploads/2012/10/Gilau-Locatie-5-of-5-960x379.jpg
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a03:b780:1:5:216:3eff:fe00:c1c , Czech Republic, ASN198171 (HOSTING90 ===== UPSTREAM connectivity =====, CZ),
Reverse DNS
Software
nginx /
Resource Hash
c63bd1f7e6a5282a914fa5246ba618c48f9f2b27507d69fcc782c7e6cd837f9b

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:03 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2017 11:05:34 GMT
server
nginx
etag
W/"277f9-556642cecfb80"
vary
Accept-Encoding
content-type
image/jpeg
sz___size__.jpg
pd1eu.badoocdn.com/p47/50222/6/8/4/554857091/d1329403/t1490281110/c_fTU6SiKih0riDGB09TU9MSKvxdkaYgV5pD31tvcT.XUYnmaqiLSABw/1329403914/dfs_190x190/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd1eu.badoocdn.com/p47/50222/6/8/4/554857091/d1329403/t1490281110/c_fTU6SiKih0riDGB09TU9MSKvxdkaYgV5pD31tvcT.XUYnmaqiLSABw/1329403914/dfs_190x190/sz___size__.jpg?jpegq=80&wp=1&h=4XN
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
31.222.66.68 , Cyprus, ASN12678 (BADOO-U, CY),
Reverse DNS
Software
nginx /
Resource Hash
c6c7cff719f7823acfd29740bc123e74e6e3b3d3a26c35103be210225b7e9f59

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 19:51:02 GMT
Vary
Accept
X-Coca-Served-By
p47m/cache0p0
Connection
keep-alive
X-Photo-Modifiers
fmt=webp, img_size=360, fit=190/190, pixelize=, blur=, crop=,-,, downscale=1, progressive=0, inter=cubic, webpq=80, jpegq=80
Content-Length
4170
X-Coca-Proxy-Host
d111m
Last-Modified
Thu, 23 Mar 2017 14:58:30 GMT
Server
nginx
X-PR-Bypass
bypass_default
ETag
"58d3e296-9c37"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/webp
Access-Control-Allow-Origin
https://badoo.com
Access-Control-Expose-Headers
Content-Type, X-Requested-With, Origin, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
Cache-Control
max-age=31536000, no-transform
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://badoo.com
Access-Control-Allow-Headers
Content-Type, X-Requested-With, Origin, X-Webapp-Build, X-Use-Session-Cookie, X-User-Agent, X-User-id, X-App-Version, X-Message-type, X-Desktop-web, X-Coca-Proxy-Host, X-Coca-Served-By, X-DPhotos-Mtime, X-Photo-Modifiers, X-Pingback
Expires
Tue, 01 Mar 2022 19:51:02 GMT
150-5984752_17.jpg
www.mediacx.com/escorte/upload/thumbs/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mediacx.com/escorte/upload/thumbs/150-5984752_17.jpg
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.35.160.42 , Romania, ASN31554 (LANSOFT LANSOFT NETWORK, RO),
Reverse DNS
cdn.mediacx.com.160.35.89.in-addr.arpa
Software
nginx /
Resource Hash
838bfc69ba41e86b6c4e9169c638b3a7b9dceb04fd0601ca50c359744595239e

Request headers

Referer
https://rock.brutaserwedpe.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 19:50:59 GMT
Last-Modified
Thu, 24 Oct 2019 11:12:57 GMT
Server
nginx
ETag
"5db18739-12889"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
75913
Expires
Thu, 31 Dec 2037 23:55:55 GMT
whan2z5AtPA
www.youtube.com/embed/ Frame A2B6 		51 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/whan2z5AtPA
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c7953a4abfef5a7b5a657684c590170a02c4843ebdd7a72a5fb203ccadc1eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/whan2z5AtPA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rock.brutaserwedpe.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://rock.brutaserwedpe.tk/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Mar 2021 19:51:02 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=mHTdV-DlpC0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=X86eGux0P5g; Domain=.youtube.com; Expires=Sat, 28-Aug-2021 19:51:02 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+201; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/4fe52f49/ Frame A2B6 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
8231
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52149
x-xss-protection
0
expires
Tue, 01 Mar 2022 17:33:52 GMT
www-embed-player.js
www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/ Frame A2B6 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 13:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
22752
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58416
x-xss-protection
0
expires
Tue, 01 Mar 2022 13:31:51 GMT
base.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame A2B6 		2 MB
502 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
5360
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
513497
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:21:43 GMT
fetch-polyfill.js
www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/ Frame A2B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
7191
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Tue, 01 Mar 2022 17:51:12 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A2B6 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
314724
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A2B6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6058d7f940ac416366c19b1f517453bb770b0dc572f829b8b3db8698dfd9d483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 01 Mar 2021 19:51:03 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A2B6 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:41:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
546
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Mon, 01 Mar 2021 19:56:57 GMT
remote.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame A2B6 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 09:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
38411
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32547
x-xss-protection
0
expires
Tue, 01 Mar 2022 09:10:52 GMT
5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
www.google.com/js/bg/ Frame A2B6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 14:59:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
17481
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6224
x-xss-protection
0
expires
Tue, 01 Mar 2022 14:59:42 GMT
embed.js
www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/ Frame A2B6 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 01:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 01:23:32 GMT
server
sffe
age
65968
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9681
x-xss-protection
0
expires
Tue, 01 Mar 2022 01:31:35 GMT
truncated
/ Frame A2B6 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AAUvwni0uMy0TDKwvrbZykMS6E_No4cZfI0Vb_X7pIgp=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A2B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwni0uMy0TDKwvrbZykMS6E_No4cZfI0Vb_X7pIgp=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7f41750e54b4125c53725b54fc350740e37ae4b9e47c13572915e1ebecc54944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:12:08 GMT
x-content-type-options
nosniff
age
9535
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1865
x-xss-protection
0
server
fife
etag
"v72"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Feb 2021 12:49:47 GMT
sddefault.webp
i.ytimg.com/vi_webp/whan2z5AtPA/ Frame A2B6 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/whan2z5AtPA/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/whan2z5AtPA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc0554df2de27b81ec548618314098315b7d79217f6e17d1bd9ad639768dac27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:54:14 GMT
x-content-type-options
nosniff
server
sffe
age
7009
etag
"1511354421"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32596
x-xss-protection
0
expires
Mon, 01 Mar 2021 19:54:14 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A2B6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Mon, 01 Mar 2021 19:51:03 GMT
generate_204
www.youtube.com/ Frame A2B6 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?btp7UQ
Requested by
Host: rock.brutaserwedpe.tk
URL: https://rock.brutaserwedpe.tk/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/whan2z5AtPA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 19:51:03 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame A2B6 		28 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4fe52f49/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/whan2z5AtPA
X-YouTube-Client-Version
1.20210224.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtYODZlR3V4MFA1Zyimi_WBBg%3D%3D
X-YouTube-Ad-Signals
dt=1614628263041&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKoxxVYv6KISFRaCyT-XrJu3Y0FpNE98Uoi_PrwfdSwQ47tCR3PJIibUiqP_UfQFb-BcQxOyOvlbv6jllXs2L2QeifG3eA

Response headers

date
Mon, 01 Mar 2021 19:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 01 Mar 2021 19:51:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static3.escorte.net
URL
https://static3.escorte.net/103603/412898-TransDeea-0757962166_thumbnail.jpg
Domain
static2.escorte.net
URL
https://static2.escorte.net/100271/399702-Lorena-0758903202_thumbnail.jpg

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery1111022227274340009684

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: X86eGux0P5g
rock.brutaserwedpe.tk/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: mHTdV-DlpC0
.brutaserwedpe.tk/ Name: __cfduid
Value: d97700a02293dbef12e172f1d2911bd6e1614628262

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images-americanas.b2w.io
netdna.bootstrapcdn.com
pd1eu.badoocdn.com
rock.brutaserwedpe.tk
static.doubleclick.net
static2.escorte.net
static3.escorte.net
www.google.com
www.gstatic.com
www.mediacx.com
www.motelgilau.ro
www.youtube.com
yt3.ggpht.com
static2.escorte.net
static3.escorte.net
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:3a
2606:4700:3031::6815:5092
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2002
2a02:26f0:6c00:284::19fe
2a03:b780:1:5:216:3eff:fe00:c1c
31.222.66.68
89.35.160.42
0080cb454fdee548ddf7fe5a570ec35de96ae2b2b1d5af2e178c0a717a35c423
27494f97b02af66fafb8db3c21b350f958c1cd174f9b8cb4432e9c6a03b24a25
2d619e1addf6b5ae77461e2ca5337064f47894441b8df71be6ad8fd5288a1aba
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
6058d7f940ac416366c19b1f517453bb770b0dc572f829b8b3db8698dfd9d483
64620c4b38f39b52be7567a111c31cb9a516e243c6b689564e73103c69d3c2b5
67a291c979247965d262e0b61fd491e2b7c763fd63ae85cfc3740e00bcafd458
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7f41750e54b4125c53725b54fc350740e37ae4b9e47c13572915e1ebecc54944
838bfc69ba41e86b6c4e9169c638b3a7b9dceb04fd0601ca50c359744595239e
9c7953a4abfef5a7b5a657684c590170a02c4843ebdd7a72a5fb203ccadc1eb4
b15819c89eec43f6a9f25d77a37dc02960dad46caa0dabe10699df1fccf45101
c63bd1f7e6a5282a914fa5246ba618c48f9f2b27507d69fcc782c7e6cd837f9b
c6c7cff719f7823acfd29740bc123e74e6e3b3d3a26c35103be210225b7e9f59
d3343a4e8f05ab408911f4ea5f601801208a10a7d01f3a40a65bf4c6ec3900f9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fc0554df2de27b81ec548618314098315b7d79217f6e17d1bd9ad639768dac27