urlscan.io logo urlscan.io
SecurityTrails logo

raibank.tk Open in urlscan Pro
2606:4700:3036::ac43:95c3  Public Scan

Go To Rescan Add Verdict Report
URL: http://raibank.tk/
Submission: On November 02 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 17 domains to perform 35 HTTP transactions. The main IP is 2606:4700:3036::ac43:95c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is raibank.tk.
This is the only time raibank.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 192.151.248.70 132839 (POWERLINE...)
1 2 192.151.248.176 132839 (POWERLINE...)
3 6 162.159.135.42 13335 (CLOUDFLAR...)
1 151.101.0.193 54113 (FASTLY)
1 107.180.21.54 26496 (AS-26496-...)
1 2a04:4e42:200... 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
35 17
2    2606:4700:3036::ac43:95c3 (United States)

ASN13335 (CLOUDFLARENET, US)
raibank.tk
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2606:4700:4400::ac40:95c0 (United States)

ASN13335 (CLOUDFLARENET, US)
i.pinimg.com
1    192.151.248.70 (United States)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
www.hijabnour.com
2    192.151.248.176 (United States)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)
www.020xu.com
6    162.159.135.42 (None, )

ASN13335 (CLOUDFLARENET, US)
www.twinflames1111.com
1    151.101.0.193 (United States)

ASN54113 (FASTLY, US)
pm1.narvii.com
1    107.180.21.54 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 54.21.180.107.host.secureserver.net
andreamaicreative.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
8    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81c::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
991 KB
6 twinflames1111.com
www.twinflames1111.com
183 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 207
32 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 255
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1904
235 KB
2 020xu.com
www.020xu.com
205 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137
31 KB
2 raibank.tk
raibank.tk
10 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
36 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
82 KB
1 andreamaicreative.com
andreamaicreative.com
1 narvii.com
pm1.narvii.com — Cisco Umbrella Rank: 147673
72 KB
1 hijabnour.com
www.hijabnour.com
295 B
0 twinflamesdoc.com Failed
www.twinflamesdoc.com Failed
35 17
Domain Requested by
8 www.youtube.com raibank.tk
www.youtube.com
6 www.twinflames1111.com 3 redirects raibank.tk
4 jnn-pa.googleapis.com www.youtube.com
3 i.pinimg.com raibank.tk
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
2 www.020xu.com 1 redirects raibank.tk
2 maxcdn.bootstrapcdn.com raibank.tk
2 raibank.tk raibank.tk
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 code.jquery.com raibank.tk
1 andreamaicreative.com raibank.tk
1 pm1.narvii.com raibank.tk
1 www.hijabnour.com 1 redirects
0 www.twinflamesdoc.com Failed raibank.tk
35 19

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.pinimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-09 -
2024-07-09		 a year crt.sh
pm1.narvii.com
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://raibank.tk/
Frame ID: 9705B0F6CB8626998C3434F6A25C028B
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Oz7F0sjHXzk
Frame ID: 1BE5A61CD6D5363A79B3223084BD9A86
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Twin Souls - Have you met your better half?

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

71 %
HTTPS

71 %
IPv6

17
Domains

19
Subdomains

17
IPs

3
Countries

1723 kB
Transfer

4449 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://www.hijabnour.com/wp-content/uploads/2019/05/Twin-Flame-Astrology-Infographic-720x5377.jpg HTTP 302
  • http://www.020xu.com/home.php HTTP 301
  • https://www.020xu.com/home.php
Request Chain 5
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg HTTP 301
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg
Request Chain 9
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg HTTP 301
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg
Request Chain 10
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg HTTP 301
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg
Request Chain 21
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
raibank.tk/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://raibank.tk/
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:95c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9056e0570dc5120908588cf4253ac98b2b8a345223e60333832c908329cd7b28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
81f9d9c0a908b984-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Nov 2023 05:06:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5RwVqpTi%2BgVLKy48qammSgotXNk4uzxXEJ6TRNEsntDdi106c5O7t8dyui9Gg87Nw9HZ%2BPTGs277tACqJ0FeJ11FUKAqPCXWBlrQuHDv8fB1dQSuo7ylO4%2FcJGELkVNc1slnkJu2w9V"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://raibank.tk/
Origin
http://raibank.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
755
cdn-cachedat
10/31/2023 18:48:20
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"2f624089c65f12185e79925bc5a7fc42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
62fcdb7ebc930e2d6b649df834cfc1b0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
81f9d9c14b715c74-FRA
cdn-requestpullsuccess
True
/
raibank.tk/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://raibank.tk/
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
HTTP/1.1
Server
2606:4700:3036::ac43:95c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9056e0570dc5120908588cf4253ac98b2b8a345223e60333832c908329cd7b28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 05:06:51 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhV%2FnCp%2BWgfpgDmLGtgVr1MneeWgX73dsf%2FreXSBX7q3U1GWEc9pa63pWlVsfd%2F%2B6r99sqMjIhjoOgDXVimim5WaC8Epdm1YCcizSwmNDWLaPk37Zam9Mf9lDvL7Hy1r1Sh4VMR49wj0"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
81f9d9c10951b984-AMS
alt-svc
h3=":443"; ma=86400
f211b44ce301d746e8882d708eec66ec.jpg
i.pinimg.com/736x/f2/11/b4/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/f2/11/b4/f211b44ce301d746e8882d708eec66ec.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2192b4b618e353b82a928f00465944c00b56bf3993fdfa80285d76fcd8f6b26

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
x-cdn
cloudflare
server
cloudflare
etag
"262a7ee567c7bab39219fb51ca522463"
edge-start
1698901611768
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81f9d9c1795030f0-FRA
alt-svc
h3=":443"; ma=600
content-length
109593
origin-latency
244
home.php
www.020xu.com/
Redirect Chain
  • https://www.hijabnour.com/wp-content/uploads/2019/05/Twin-Flame-Astrology-Infographic-720x5377.jpg
  • http://www.020xu.com/home.php
  • https://www.020xu.com/home.php
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.020xu.com/home.php
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
HTTP/1.1
Server
192.151.248.176 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

Location
https://www.020xu.com/home.php
Date
Wed, 01 Nov 2023 21:06:31 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
169
Content-Type
text/html
ffed69f18487d9512247f5c084bd6cf2.jpg
i.pinimg.com/736x/ff/ed/69/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/736x/ff/ed/69/ffed69f18487d9512247f5c084bd6cf2.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb56427fec987ee2421fdcf9253a2ef706da134bb4bd3255028ec0dd815bb15

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
x-cdn
cloudflare
server
cloudflare
etag
"cef8df32154f23870e9d4e6ee4c07d7d"
edge-start
1698901611770
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81f9d9c1895330f0-FRA
alt-svc
h3=":443"; ma=600
content-length
111817
origin-latency
270
twin-flame-astrology-3.jpg
www.twinflames1111.com/wp-content/uploads/2017/02/
Redirect Chain
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg
67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H3
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2cfd72530ae0ff0e6a121fe9ba5421ac3be10e946ff1aee578d2591e4b46e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:53 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,501454c6e5638ac17bce5462ae271c6d1348c31c0262a5113aced065bcebfb02
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,501454c6e5638ac17bce5462ae271c6d1348c31c0262a5113aced065bcebfb02
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
68913
last-modified
Fri, 04 Aug 2023 18:18:27 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"64cd40f3-10d31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nReWVl5Fkl%2F3F0rz6zDxNcwvaJEx7JlaC35JI8Iyw66M3rifVHaWsSGtYf%2BSnXiWIE4g0syn2y3WCxSQ%2FtX6mmlEXUABHqxAO18ZZeLsJWd7ydCNRkpORxgBXKIcDEr0YwupItZpYpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
81f9d9c69d3a902a-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Thu, 02 Nov 2023 05:06:52 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,0f6e3829d273b76024b2a77f916f840867ddd8cf51700f23df0e2908da99f1bb
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,0f6e3829d273b76024b2a77f916f840867ddd8cf51700f23df0e2908da99f1bb
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
162
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2ygueuFEyknkQ%2Ff3BvqpLgr21oNXlVbz%2FUVKqHeEwDIfx6WEkWUEGxS1dj3t%2FMMcXrMEVsw06799pMvNKJLGsquQSLmkPoBJycDLTKxoNhO%2BKDQYBpX3YWoaFI9UgqQ9BEUunGaZro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
/wp-content/uploads/2017/02/twin-flame-astrology-3.jpg
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
81f9d9c19c543660-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
e460b0e202a2e911ba45ded2232dce7bb8921ca7v2_hq.jpg
pm1.narvii.com/6800/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pm1.narvii.com/6800/e460b0e202a2e911ba45ded2232dce7bb8921ca7v2_hq.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b24d8b703883cad31756218e8c340a2e1bf3bb5aa394170c93311635f72d7c29
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-pdx12324-PDX, cache-ams21050-AMS
date
Thu, 02 Nov 2023 05:06:51 GMT
via
1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=300
last-modified
Mon, 16 Apr 2018 00:10:37 GMT
server
AmazonS3
age
2430840
x-timer
S1698901612.738767,VS0,VE1
etag
"b84b1bef67c112f3806213588c588573"
x-cache
Miss from cloudfront, HIT, HIT
content-type
image/jpeg
cache-control
s-max-age: 31536000, max-age: 31536000, public
accept-ranges
bytes
content-length
73679
x-cache-hits
14, 1
twinflames-astrology-match-natal-chart.jpg
www.twinflamesdoc.com/wp-content/uploads/2018/10/ 		0
0
96c664cbf74f646c4dacc44eb5196cd6.jpg
i.pinimg.com/474x/96/c6/64/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/474x/96/c6/64/96c664cbf74f646c4dacc44eb5196cd6.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f3fe6c5d272887673bb0bd475aa2ce149eed96cba1893f2d539ac834c5933a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:51 GMT
x-cdn
cloudflare
server
cloudflare
etag
"20c5313af8149e5f532083c598a5f4bc"
edge-start
1698901611769
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
81f9d9c1895430f0-FRA
alt-svc
h3=":443"; ma=600
content-length
18940
origin-latency
126
twin-flame-astrology-4.jpg
www.twinflames1111.com/wp-content/uploads/2017/02/
Redirect Chain
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg
67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2513a14602e5e5d22f4e1fdaa0d4faf89c833951a7ad31fc0f9a12966eb6fd99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,2f81855e52480ecc31b9cbad2b8609f3c51f3f31afd3e438267262418d7389de
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,2f81855e52480ecc31b9cbad2b8609f3c51f3f31afd3e438267262418d7389de
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
68173
last-modified
Fri, 04 Aug 2023 18:18:21 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"64cd40ed-10a4d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b22snp3gm7u3uEjG8hWtsWMM3jog9lOhNIE%2BYXJREbeD4QoEi%2Fi4Wj7vzDxVWSCAQ%2BSQ1uTccF7xPDnt%2FOwdGxFLjcl%2FQRP3CX8h6T2Hyxkjz2%2BxwN5LXBUQr9iwICJS1I03THKWmcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
81f9d9c62f1b3660-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Thu, 02 Nov 2023 05:06:52 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,3146b46be2901bfb51a2dd9a316b55c71ac44855b5c2e4dbacba4b7c4ae4b9f4
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,3146b46be2901bfb51a2dd9a316b55c71ac44855b5c2e4dbacba4b7c4ae4b9f4
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
162
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kYtheFsjwH%2B3NBXaNnuwibLfsK%2FybhmIBmzAUm%2BMUszKfQiBLGGM7WlYGboQ1ROiTVUld2cM1sDRv%2B8kxZHQaLvPZZ0xOBoNbH98Z50%2BqtzlVGfpYYvB%2Bsdnce%2BlzsLxIdH709%2FdPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
/wp-content/uploads/2017/02/twin-flame-astrology-4.jpg
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
81f9d9c19c573660-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
twin-flame-astrology-2.jpg
www.twinflames1111.com/wp-content/uploads/2017/02/
Redirect Chain
  • https://www.twinflames1111.com/blog/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg
  • https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg
46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.twinflames1111.com/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H3
Server
162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c871c49fd71f411e12601e885bf5209e9527d32df73cbea4d692b7021feaf52b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:53 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,6946e9daaca4c384e116eddd9700499ca40ca2033991e68b5d9180214e82f8e1
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-polished
status=not_needed
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,6946e9daaca4c384e116eddd9700499ca40ca2033991e68b5d9180214e82f8e1
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
46625
last-modified
Fri, 04 Aug 2023 18:18:28 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"64cd40f4-b621"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2cwnsa4VXB8kPmU19YEdfsXHsyxoPNKrDThF0McCf9QFONVG0exksqffee0bJjD94RQvqUK9QiEjxnmmz3aQmDS5D09X0eEu1XTokzrtt6KloI9%2BythWnZGU9PI2ZyE11a74ZgodqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
81f9d9c6fd5f902a-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date
Thu, 02 Nov 2023 05:06:52 GMT
ki-cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,defa0e86501ffe1a14905a68b132ac66ffe2f18c7c7642918853164c6436e895
cf-cache-status
HIT
ki-edge
v=20.2.4;mv=2.4.0
x-content-type-options
nosniff
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cache-tag
3870d892-ad54-4244-a6bc-34bcface36db,defa0e86501ffe1a14905a68b132ac66ffe2f18c7c7642918853164c6436e895
ki-origin
g1p
alt-svc
h3=":443"; ma=86400
content-length
162
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVcmxrS7k9Lbg22T3mL2aSTRyB0o3DvGHi6Z0bw7v4kyZ6FZToc9wQCCEFM8Euu6yhs%2BtKHp4oQOMGqYOkVPQzIiJZTLk6IGCb4oNCWoc12lVvYkOBd8C8MPOKv2KntqtTGHXMVwBUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
/wp-content/uploads/2017/02/twin-flame-astrology-2.jpg
cache-control
public, max-age=31536000, s-maxage=2592000
ki-cache-type
CDN
cf-ray
81f9d9c19c553660-FRA
ki-cf-cache-status
HIT
x-edge-location-klb
1
Andrea_Prince-940x1024.jpg
andreamaicreative.com/wp-content/uploads/2017/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://andreamaicreative.com/wp-content/uploads/2017/01/Andrea_Prince-940x1024.jpg
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
HTTP/1.1
Server
107.180.21.54 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
54.21.180.107.host.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
jquery.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery.js
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
HTTP/1.1
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://raibank.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 05:06:51 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2487155
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
83875
X-Served-By
cache-lga13621-LGA, cache-ams21068-AMS
Last-Modified
Fri, 18 Oct 1991 12:00:00 GMT
Server
nginx
X-Timer
S1698901612.710855,VS0,VE0
ETag
W/"28feccc0-4508e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges
bytes
X-Cache-Hits
80, 6375
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://raibank.tk/
Origin
http://raibank.tk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cdn-edgestorageid
874
cdn-cachedat
10/31/2023 18:51:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"c5b5b2fa19bd66ff23211d9f844e0131"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
843f38146b0dc7ac976f6b79a684cde8
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
81f9d9c15b735c74-FRA
cdn-requestpullsuccess
True
Oz7F0sjHXzk
www.youtube.com/embed/ Frame 1BE5 		91 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Oz7F0sjHXzk
Requested by
Host: raibank.tk
URL: http://raibank.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9551c2f55277068f963ce0271c73160c4c89542ac1b0b036ac4a60b8a065d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://raibank.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 02 Nov 2023 05:06:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/0b285984/ Frame 1BE5 		377 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 03:44:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
4932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48897
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Nov 2024 03:44:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BE5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
439728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BE5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options
nosniff
age
558021
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:06:30 GMT
embed.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 1BE5 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 02:09:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
10636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Nov 2024 02:09:35 GMT
www-embed-player.js
www.youtube.com/s/player/0b285984/www-embed-player.vflset/ Frame 1BE5 		320 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 04:44:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
1368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98088
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Nov 2024 04:44:03 GMT
base.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 1BE5 		2 MB
757 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774827
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Nov 2024 05:06:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 1BE5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f8e8ba63ea6cf0ec13deb21d5a9ec346d93b8dae6aa02dead23cad4adaa34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 02 Nov 2023 05:06:52 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1BE5 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:05:08 GMT
x-content-type-options
nosniff
age
104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 02 Nov 2023 05:20:08 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Nov 2023 05:06:52 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1BE5 		69 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c9de01096356e43296d20dfb687b4891909379bc1d024da55b984e13d77483c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32163
x-xss-protection
0
remote.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 1BE5 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4b8e1f3bf00eb0c1fbf8fb9ae44acbd0f30cf75010db14bc2d4c00846116a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 01:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
11348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33681
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Nov 2024 01:57:44 GMT
FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js
www.google.com/js/th/ Frame 1BE5 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/FHpo6pEqcSRgVdNkQyOrWf56osNa_SwdaUPxzrL5JrM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
147a68ea912a71246055d3644323ab59fe7aa2c35afd2c1d6943f1ceb2f926b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 21:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
113520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14825
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 21:34:52 GMT
sddefault.webp
i.ytimg.com/vi_webp/Oz7F0sjHXzk/ Frame 1BE5 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/Oz7F0sjHXzk/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92031977e6f4c5173f51350ebf2fe26cdb6fd21286f15b84da3a65f3fbd11caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36656
x-xss-protection
0
server
sffe
etag
"1570582213"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 02 Nov 2023 07:06:52 GMT
truncated
/ Frame 1BE5 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
APkrFKaCA_FoeqiiSbuRgqqp7I-B2YtRWQs3Y3Xz22ZSqQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1BE5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKaCA_FoeqiiSbuRgqqp7I-B2YtRWQs3Y3Xz22ZSqQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1e01a7f3ede8f65c2c5f76e017d7d61629079f4dca3165be76d881ded4e5d1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2896
x-xss-protection
0
server
fife
etag
"ve2c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 03 Nov 2023 05:06:52 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1BE5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 02 Nov 2023 05:06:52 GMT
generate_204
www.youtube.com/ Frame 1BE5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?BTLISw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Oz7F0sjHXzk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 02 Nov 2023 05:06:52 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1BE5 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
412dc55cc204a6784579432115a1ee3ae0fa2640a743e616773960a07b25a31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 02 Nov 2023 05:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 1BE5 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time
1698901614314
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Oz7F0sjHXzk
X-YouTube-Client-Version
1.20231029.00.00
X-YouTube-Time-Zone
Europe/Amsterdam
X-Goog-Visitor-Id
CgtjaW1raGdBZldqSSjr3IyqBjIICgJOTBICEgA%3D
X-YouTube-Ad-Signals
dt=1698901611919&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 02 Nov 2023 05:06:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Thu, 02 Nov 2023 05:06:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.twinflamesdoc.com
URL
https://www.twinflamesdoc.com/wp-content/uploads/2018/10/twinflames-astrology-match-natal-chart.jpg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| jQuery111106053786918051489

3 Cookies

Domain/Path Name / Value
raibank.tk/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: e8IiINAnxZU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cimkhgAfWjI

2 Console Messages

Source Level URL
Text
network error URL: https://www.twinflamesdoc.com/wp-content/uploads/2018/10/twinflames-astrology-match-natal-chart.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://andreamaicreative.com/wp-content/uploads/2017/01/Andrea_Prince-940x1024.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andreamaicreative.com
code.jquery.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.pinimg.com
i.ytimg.com
jnn-pa.googleapis.com
maxcdn.bootstrapcdn.com
pm1.narvii.com
raibank.tk
static.doubleclick.net
www.020xu.com
www.google.com
www.gstatic.com
www.hijabnour.com
www.twinflames1111.com
www.twinflamesdoc.com
www.youtube.com
yt3.ggpht.com
www.twinflamesdoc.com
107.180.21.54
151.101.0.193
162.159.135.42
192.151.248.176
192.151.248.70
2606:4700:3036::ac43:95c3
2606:4700:4400::ac40:95c0
2606:4700::6812:acf
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:81c::200e
2a00:1450:4001:81c::2016
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:831::2003
2a04:4e42:200::649
0c9de01096356e43296d20dfb687b4891909379bc1d024da55b984e13d77483c
0f2cfd72530ae0ff0e6a121fe9ba5421ac3be10e946ff1aee578d2591e4b46e7
147a68ea912a71246055d3644323ab59fe7aa2c35afd2c1d6943f1ceb2f926b3
23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676
2513a14602e5e5d22f4e1fdaa0d4faf89c833951a7ad31fc0f9a12966eb6fd99
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8e8ba63ea6cf0ec13deb21d5a9ec346d93b8dae6aa02dead23cad4adaa34c4
412dc55cc204a6784579432115a1ee3ae0fa2640a743e616773960a07b25a31e
4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bb56427fec987ee2421fdcf9253a2ef706da134bb4bd3255028ec0dd815bb15
731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9
73f3fe6c5d272887673bb0bd475aa2ce149eed96cba1893f2d539ac834c5933a
9056e0570dc5120908588cf4253ac98b2b8a345223e60333832c908329cd7b28
92031977e6f4c5173f51350ebf2fe26cdb6fd21286f15b84da3a65f3fbd11caa
a1e01a7f3ede8f65c2c5f76e017d7d61629079f4dca3165be76d881ded4e5d1f
b2192b4b618e353b82a928f00465944c00b56bf3993fdfa80285d76fcd8f6b26
b24d8b703883cad31756218e8c340a2e1bf3bb5aa394170c93311635f72d7c29
c4b8e1f3bf00eb0c1fbf8fb9ae44acbd0f30cf75010db14bc2d4c00846116a7c
c871c49fd71f411e12601e885bf5209e9527d32df73cbea4d692b7021feaf52b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9551c2f55277068f963ce0271c73160c4c89542ac1b0b036ac4a60b8a065d58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9