urlscan.io logo urlscan.io
SecurityTrails logo

www.ohmy3.site.nfoservers.com Open in urlscan Pro
72.5.53.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ohmy3.site.nfoservers.com/
Submission: On July 03 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 39 HTTP transactions. The main IP is 72.5.53.10, located in Seattle, United States and belongs to NUCLEARFALLOUT-SEA, US. The main domain is www.ohmy3.site.nfoservers.com.
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.
This is the only time www.ohmy3.site.nfoservers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    72.5.53.10 (Seattle, United States)

ASN32751 (NUCLEARFALLOUT-SEA, US)
PTR: hosted7.nfoservers.com
www.ohmy3.site.nfoservers.com
ohmyctf.com
ohmy3.site.nfoservers.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.paypalobjects.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2606:4700::6810:1d09 (United States)

ASN13335 (CLOUDFLARENET, US)
cache.gametracker.com
image.gametracker.com
8    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
Domain Requested by
11 ohmyctf.com www.ohmy3.site.nfoservers.com
8 www.youtube.com www.ohmy3.site.nfoservers.com
www.youtube.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 secure.gravatar.com www.ohmy3.site.nfoservers.com
3 cache.gametracker.com www.ohmy3.site.nfoservers.com
cache.gametracker.com
3 www.paypalobjects.com www.ohmy3.site.nfoservers.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.paypal.com 2 redirects
1 image.gametracker.com cache.gametracker.com
1 static.doubleclick.net www.youtube.com
1 ohmy3.site.nfoservers.com www.ohmy3.site.nfoservers.com
1 fonts.googleapis.com www.ohmy3.site.nfoservers.com
1 www.ohmy3.site.nfoservers.com
39 13

This site contains links to these domains. Also see Links.

Domain
ohmyctf.com
www.teamspeak.com
wordpress.org
Subject Issuer Validity Valid
www.ohmy3.site.nfoservers.com
R3		 2021-05-04 -
2021-08-02		 3 months crt.sh
ohmyctf.com
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-07 -
2021-08-30		 3 months crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-29 -
2021-12-13		 8 months crt.sh
nfoservers.com
nfoservers.com		 2010-02-04 -
2011-02-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.gametracker.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-05 -
2021-12-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.ohmy3.site.nfoservers.com/
Frame ID: BD79F3D5C55D0EE4E6484CC9237B20A2
Requests: 25 HTTP requests in this frame

Frame: https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
Frame ID: B7AFD1DF83A0675DE76A67DFE860B84A
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Frame ID: 39A97596F0DC27D133397E7DC863A2A7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

39
Requests

97 %
HTTPS

70 %
IPv6

10
Domains

13
Subdomains

10
IPs

3
Countries

2126 kB
Transfer

2820 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
Request Chain 9
  • https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Request Chain 31
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ohmy3.site.nfoservers.com/ 		30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache / PHP/7.3.27
Resource Hash
da826d622ae52ec8ec7399a89853efe3b5099fa7587abb7c50556053aed05640

Request headers

Host
www.ohmy3.site.nfoservers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Server
Apache
X-Powered-By
PHP/7.3.27
Link
<https://ohmyctf.com/index.php?rest_route=/>; rel="https://api.w.org/"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7902
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
style.min.css
ohmyctf.com/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Apr 2021 04:30:02 GMT
Server
Apache
ETag
"e33b-5bffb511f0ba1-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
8685
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
474b108ec89f6dcc8a647ee4bb8f9ffe001db4b7dbaefd0db6a01fae6db8d22d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Jul 2021 09:24:31 GMT
server
ESF
date
Sat, 03 Jul 2021 10:28:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Jul 2021 10:28:16 GMT
genericons.css
ohmyctf.com/wp-content/plugins/jetpack/_inc/genericons/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 16:20:54 GMT
Server
Apache
ETag
"6e6a-5c3def59fcdbb-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
16441
style.css
ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/ 		71 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/style.css?ver=5.7.2
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
79a2d506107b37251d003866c24f7abf7f2371d531d5f4d1d5c4805acc327657

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Nov 2017 20:56:32 GMT
Server
Apache
ETag
"11cbc-55d429299ce17-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
13287
jquery.min.js
ohmyctf.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 17:30:24 GMT
Server
Apache
ETag
"15d98-5bfc9de6534e4-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
30916
jquery-migrate.min.js
ohmyctf.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 17:30:24 GMT
Server
Apache
ETag
"2bd8-5bfc9de654484-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4169
cropped-dashboard.jpg
ohmyctf.com/wp-content/uploads/2017/10/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ohmyctf.com/wp-content/uploads/2017/10/cropped-dashboard.jpg
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
cbd9f7eb07958ff12049cfb37c9361eec10fc841a057bfebe7ecd2360d4091aa

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Last-Modified
Sat, 04 Nov 2017 18:50:26 GMT
Server
Apache
ETag
"e16b-55d2cb1c6b89c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
57707
thermometer.php
ohmyctf.com/wp-content/plugins/olimometer/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ohmyctf.com/wp-content/plugins/olimometer/thermometer.php?olimometer_id=3
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache / PHP/7.3.27
Resource Hash
726b3d03cadb99e9f64efbf88a1115c7dfa9163f21da2f97976931cc08c3965e

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/7.3.27
Transfer-Encoding
chunked
Keep-Alive
timeout=15, max=99
Content-Type
image/png
btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif
  • https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a289c9f71fb1bb1e08de0f61000167d7824e87ad441c0a0dd8a9c68d0346252
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=1597 idim=92x26 ifmt=gif ofsz=1582 odim=92x26 ofmt=gif
paypal-debug-id
4a1a98aca6f49
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1582
x-served-by
cache-sjc10060-SJC, cache-hhn4070-HHN
x-timer
S1625308097.383902,VS0,VE0
etag
"U3pl0/XCujlHacl+n45I4YfostqG/gKwMB9VmB+OaEg"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
5219, 2

Redirect headers

date
Sat, 03 Jul 2021 10:28:17 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1625308097.145697,VS0,VE165
x-served-by
cache-hhn11564-HHN, cache-ams21078-AMS
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
location
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
4f7858f57762
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-cache-hits
0, 0
pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain
  • https://www.paypal.com/en_US/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_US/i/scr/pixel.gif
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
9641b5557f44e
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10080-SJC, cache-hhn4070-HHN
x-timer
S1625308097.446552,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
13354, 3

Redirect headers

date
Sat, 03 Jul 2021 10:28:17 GMT
via
1.1 varnish, 1.1 varnish
x-timer
S1625308097.145678,VS0,VE218
x-served-by
cache-hhn11580-HHN, cache-ams21078-AMS
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
location
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
7642c7447c417
accept-ranges
bytes
dc
phx-origin-www-3.paypal.com
content-length
0
x-cache-hits
0, 0
btn_donate_pp_142x27.png
www.paypalobjects.com/webstatic/en_US/btn/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/en_US/btn/btn_donate_pp_142x27.png
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fbfd7609a5c3fcaa169e94012b1ccdc0f7309246fdc4e7c9cdcf7bd2f9636393
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=5532 idim=142x27 ifmt=png ofsz=1993 odim=142x27 ofmt=png
paypal-debug-id
7f89befd64722
fastly-stats
io=1
dc
phx-origin-www-1.paypal.com
content-length
1993
x-served-by
cache-sjc10055-SJC, cache-hhn4070-HHN
x-timer
S1625308097.190800,VS0,VE162
etag
"oUhutWvm1/Ep4WKeyQy/o8J2iBwnU3eLpI1McMYzTuQ"
strict-transport-security
max-age=31557600
content-type
image/png
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
51, 1
skip-link-focus-fix.js
ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/js/ 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/js/skip-link-focus-fix.js?ver=20160412
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 May 2016 20:10:18 GMT
Server
Apache
ETag
"423-532e718c5be80-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
588
functions.js
ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-content/themes/BAK051516/twentysixteen/js/functions.js?ver=20160412
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
0161f4d0837753708a4b16315a4d804d48c57f3ecaa8e9877aef0ef752ada6e4

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 May 2016 20:10:18 GMT
Server
Apache
ETag
"1aa4-532e718c5be80-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1962
wp-embed.min.js
ohmyctf.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 17:30:24 GMT
Server
Apache
ETag
"592-5bfc9de65a245-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
765
wp-emoji-release.min.js
ohmyctf.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ohmyctf.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Jul 2021 10:28:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Apr 2021 17:30:24 GMT
Server
Apache
ETag
"3795-5bfc9de660005-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
4662
bg2.jpg
ohmy3.site.nfoservers.com/wp-content/uploads/2016/02/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ohmy3.site.nfoservers.com/wp-content/uploads/2016/02/bg2.jpg
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.5.53.10 Seattle, United States, ASN32751 (NUCLEARFALLOUT-SEA, US),
Reverse DNS
hosted7.nfoservers.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ohmy3.site.nfoservers.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options
nosniff
age
260585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:05:12 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ohmy3.site.nfoservers.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 11:40:57 GMT
x-content-type-options
nosniff
age
254840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19300
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:09:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 11:40:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ohmy3.site.nfoservers.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:22:03 GMT
x-content-type-options
nosniff
age
288374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 02:22:03 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ohmy3.site.nfoservers.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 13:51:58 GMT
x-content-type-options
nosniff
age
333379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18924
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:08:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 13:51:58 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Origin
https://www.ohmy3.site.nfoservers.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
/
cache.gametracker.com/components/html0/ Frame B7AF 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1d09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8327a01d87e13acb88362dee2e131ddc89bb63d8bf3ae0c5d89f821627a61e42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
cache.gametracker.com
:scheme
https
:path
/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ohmy3.site.nfoservers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ohmy3.site.nfoservers.com/

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
content-type
text/html; charset=UTF-8
expires
Sat, 03 Jul 2021 10:28:16 GMT
last-modified
Sat, 03 Jul 2021 10:28:17 GMT
cache-control
no-cache
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
668f6d175b094abd-FRA
xkE-0v2Dh3w
www.youtube.com/embed/ Frame 39A9 		48 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d62df6da74824b77b5fdc72e02d86edddce9e006e292ee0f136e9439b265c0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/xkE-0v2Dh3w?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ohmy3.site.nfoservers.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ohmy3.site.nfoservers.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 03 Jul 2021 10:28:17 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=XIsODi7uRsw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=OetbmZ6-lyc; Domain=.youtube.com; Expires=Thu, 30-Dec-2021 10:28:17 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+886; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
94dd946842241107b5a2fe3aeb8ef204
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/94dd946842241107b5a2fe3aeb8ef204?s=49&r=g
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
91134262eef7b8edaee61bcaeef276e2c908ffaec61864f873f7facad60759e7

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 03 Jul 2021 10:28:17 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="94dd946842241107b5a2fe3aeb8ef204.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/94dd946842241107b5a2fe3aeb8ef204?s=49&r=g>; rel="canonical"
content-length
1841
expires
Sat, 03 Jul 2021 10:33:17 GMT
4864d3dc71624ff4b346a7998f7c100f
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/4864d3dc71624ff4b346a7998f7c100f?s=49&r=g
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
91134262eef7b8edaee61bcaeef276e2c908ffaec61864f873f7facad60759e7

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 03 Jul 2021 10:28:17 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="4864d3dc71624ff4b346a7998f7c100f.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/4864d3dc71624ff4b346a7998f7c100f?s=49&r=g>; rel="canonical"
content-length
1841
expires
Sat, 03 Jul 2021 10:33:17 GMT
2bfe30664b4d02c16e40f0f022b1d1cd
secure.gravatar.com/avatar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/2bfe30664b4d02c16e40f0f022b1d1cd?s=49&r=g
Requested by
Host: www.ohmy3.site.nfoservers.com
URL: https://www.ohmy3.site.nfoservers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
91134262eef7b8edaee61bcaeef276e2c908ffaec61864f873f7facad60759e7

Request headers

Referer
https://www.ohmy3.site.nfoservers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sat, 03 Jul 2021 10:28:17 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2bfe30664b4d02c16e40f0f022b1d1cd.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/2bfe30664b4d02c16e40f0f022b1d1cd?s=49&r=g>; rel="canonical"
content-length
1841
expires
Sat, 03 Jul 2021 10:33:17 GMT
www-player-webp.css
www.youtube.com/s/player/7acefd5d/ Frame 39A9 		324 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7acefd5d/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 09:54:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
2031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45801
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Jul 2022 09:54:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 39A9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 08:09:57 GMT
x-content-type-options
nosniff
age
267500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 08:09:57 GMT
www-embed-player.js
www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/ Frame 39A9 		192 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
244068
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64943
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 14:40:29 GMT
base.js
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame 39A9 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 23:40:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
38846
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1739763
x-xss-protection
0
expires
Sat, 02 Jul 2022 23:40:51 GMT
fetch-polyfill.js
www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/ Frame 39A9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 04:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
22856
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sun, 03 Jul 2022 04:07:21 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 39A9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
361a8eb3b168f0a86e0c3682713abd9fb14c8743f7e2e9be66c27e5b1879369c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 03 Jul 2021 10:28:17 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 39A9 		29 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:17:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
656
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 03 Jul 2021 10:32:21 GMT
qoe
www.youtube.com/api/stats/ Frame 39A9 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=1oejbnTw_GIwuPS1&el=embedded&docid=xkE-0v2Dh3w&ns=yt&fexp=23940237%2C23973490%2C23983296%2C23991329%2C23999405%2C24001373%2C24003103%2C24003105%2C24004644%2C24007246%2C24023960%2C24036236%2C24045412%2C24053866%2C24058128%2C24058293%2C24058812%2C24063702%2C24066553&cl=382180333&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210629.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 03 Jul 2021 10:28:17 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame 39A9 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
244068
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7482
x-xss-protection
0
expires
Thu, 30 Jun 2022 14:40:29 GMT
truncated
/ Frame 39A9 		168 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9ff53a447e422efcf585619196f9be901720a24c04e51410843d61c64a05133

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
us.gif
cache.gametracker.com/images/flags/ Frame B7AF 		367 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache.gametracker.com/images/flags/us.gif
Requested by
Host: cache.gametracker.com
URL: https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1d09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92f4eb6e7e071a728ae3fb103c1dfe56c0b0f1423171c94afd1709ea466fdab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2016 19:01:00 GMT
server
cloudflare
age
6151096
etag
"585ad16c-16f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
668f6d1998284abd-FRA
content-length
367
expires
Sun, 03 Jul 2022 10:28:17 GMT
cod2.png
cache.gametracker.com/images/game_icons16/ Frame B7AF 		763 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cache.gametracker.com/images/game_icons16/cod2.png
Requested by
Host: cache.gametracker.com
URL: https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1d09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d67ffce32ddb6a65b2fff0fcc7c263c51470d41f13a81b9f7f0a8676f567faf5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2016 19:01:00 GMT
server
cloudflare
age
6142142
etag
"585ad16c-2fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
668f6d19982c4abd-FRA
content-length
763
expires
Sun, 03 Jul 2022 10:28:17 GMT
mp_tobruk.jpg
image.gametracker.com/images/maps/160x120/cod2/ Frame B7AF 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.gametracker.com/images/maps/160x120/cod2/mp_tobruk.jpg
Requested by
Host: cache.gametracker.com
URL: https://cache.gametracker.com/components/html0/?host=74.91.121.227:28960&bgColor=333333&fontColor=cccccc&titleBgColor=222222&titleColor=ff9900&borderColor=555555&linkColor=ffcc00&borderLinkColor=222222&showMap=1&currentPlayersHeight=100&showCurrPlayers=1&topPlayersHeight=100&showTopPlayers=1&showBlogs=0&width=240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:1d09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14660ee9bc83c171731fa59097dae3d5930e143078ac4b410890a84740bf585c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cache.gametracker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Jul 2021 10:28:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
58365
cf-bgj
h2pri
content-length
8354
last-modified
Mon, 18 Feb 2008 17:58:17 GMT
server
cloudflare
x-frame-options
DENY
etag
"47b9c739-20a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
668f6d1998324abd-FRA
expires
Sun, 04 Jul 2021 10:28:17 GMT
truncated
/ Frame B7AF 		754 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c8e8c2e99fda25d94cc2f98d3a1f12affefcf06da636358f29bad4c7a1cc9bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
log_event
www.youtube.com/youtubei/v1/ Frame 39A9 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/xkE-0v2Dh3w?feature=oembed
X-YouTube-Client-Version
1.20210629.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtPZXRibVo2LWx5YyjB94CHBg%3D%3D
X-YouTube-Ad-Signals
dt=1625308097272&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C200%2C113&vis=1&wgl=true&ca_type=image&bid=ANyPxKrU0Xw7uqjdl1Xa4YuLCHOFVsXiT6CRnThatcGTx2YOsbxe5u1h3VZkXK08nAWb12ItHt3R_YTzSXMyOEGpDzdBk4u2qw

Response headers

date
Sat, 03 Jul 2021 10:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 03 Jul 2021 10:28:19 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| screenReaderText object| wp object| twemoji

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: OetbmZ6-lyc
.youtube.com/ Name: YSC
Value: XIsODi7uRsw

1 Console Messages

Source Level URL
Text
console-api log URL: https://ohmyctf.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cache.gametracker.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image.gametracker.com
ohmy3.site.nfoservers.com
ohmyctf.com
secure.gravatar.com
static.doubleclick.net
www.ohmy3.site.nfoservers.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
151.101.114.133
151.101.129.21
2606:4700::6810:1d09
2a00:1450:4001:802::200a
2a00:1450:4001:811::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a04:fa87:fffe::c000:4902
72.5.53.10
0161f4d0837753708a4b16315a4d804d48c57f3ecaa8e9877aef0ef752ada6e4
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
14660ee9bc83c171731fa59097dae3d5930e143078ac4b410890a84740bf585c
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
361a8eb3b168f0a86e0c3682713abd9fb14c8743f7e2e9be66c27e5b1879369c
3c8e8c2e99fda25d94cc2f98d3a1f12affefcf06da636358f29bad4c7a1cc9bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
474b108ec89f6dcc8a647ee4bb8f9ffe001db4b7dbaefd0db6a01fae6db8d22d
4a289c9f71fb1bb1e08de0f61000167d7824e87ad441c0a0dd8a9c68d0346252
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
726b3d03cadb99e9f64efbf88a1115c7dfa9163f21da2f97976931cc08c3965e
75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f
79a2d506107b37251d003866c24f7abf7f2371d531d5f4d1d5c4805acc327657
8327a01d87e13acb88362dee2e131ddc89bb63d8bf3ae0c5d89f821627a61e42
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
91134262eef7b8edaee61bcaeef276e2c908ffaec61864f873f7facad60759e7
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
b92f4eb6e7e071a728ae3fb103c1dfe56c0b0f1423171c94afd1709ea466fdab
cbd9f7eb07958ff12049cfb37c9361eec10fc841a057bfebe7ecd2360d4091aa
d62df6da74824b77b5fdc72e02d86edddce9e006e292ee0f136e9439b265c0bf
d67ffce32ddb6a65b2fff0fcc7c263c51470d41f13a81b9f7f0a8676f567faf5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da826d622ae52ec8ec7399a89853efe3b5099fa7587abb7c50556053aed05640
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f9ff53a447e422efcf585619196f9be901720a24c04e51410843d61c64a05133
fbfd7609a5c3fcaa169e94012b1ccdc0f7309246fdc4e7c9cdcf7bd2f9636393