URL: http://basfeilogdoct.ml/
Submission: On April 09 via manual from IT

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3032::6815:1b9, located in United States and belongs to CLOUDFLARENET, US. The main domain is basfeilogdoct.ml.
This is the only time basfeilogdoct.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
9 www.youtube.com basfeilogdoct.ml
www.youtube.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 godatingsite.com basfeilogdoct.ml
1 embrywomenshealth.com basfeilogdoct.ml
1 maryvaleptaorg.files.wordpress.com basfeilogdoct.ml
1 i1.rgstatic.net basfeilogdoct.ml
1 upload.wikimedia.org basfeilogdoct.ml
1 cdnjs.cloudflare.com basfeilogdoct.ml
1 fonts.googleapis.com basfeilogdoct.ml
1 basfeilogdoct.ml
28 16

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA
2020-11-09 -
2021-11-16
a year crt.sh
*.rgstatic.net
AlphaSSL CA - SHA256 - G2
2020-08-31 -
2021-10-02
a year crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-21 -
2022-01-21
a year crt.sh
godatingsite.com
R3
2021-02-27 -
2021-05-28
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
edgestatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh

This page contains 2 frames:

Primary Page: http://basfeilogdoct.ml/
Frame ID: ACBD46B9464D403C47B0E06864E32E31
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9w6Z_AyujwQ
Frame ID: E05CB63C26A3E269672D7F8B5ADF2D58
Requests: 17 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

28
Requests

79 %
HTTPS

88 %
IPv6

14
Domains

16
Subdomains

17
IPs

2
Countries

13415 kB
Transfer

14150 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
basfeilogdoct.ml/
32 KB
12 KB
Document
General
Full URL
http://basfeilogdoct.ml/
Protocol
HTTP/1.1
Server
2606:4700:3032::6815:1b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27427241de0f9f5009c79dc38f8c74e5fd1ba75219a902112736533c30f42e9

Request headers

Host
basfeilogdoct.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:52:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
ch1c=b
CF-Cache-Status
DYNAMIC
cf-request-id
09562481cc000097baba17b000000001
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KmxNqe4tiX7xV44VQ3IQLi4blpStXaEbshAA4zqPCejHtVJQR0%2BHtbwBxYs5nC92qgbqUfrbGIsUv5TKeyx0uwrOwp0t42YejIGwrke6LXBkhaL1n0WhMiEyUVx2"}],"group":"cf-nel"}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
63d070494d4397ba-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
38 KB
2 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
HTTP/1.1
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d32044294e568c03a11e43a06eaabc3e23a5ebbe55c4d322c907015dc97f014a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:52:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Apr 2021 02:52:18 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Fri, 09 Apr 2021 02:52:18 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
157 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1844483
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17550
cf-request-id
09562482310000176608b2a000000001
timing-allow-origin
*
last-modified
Thu, 06 Aug 2020 17:01:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f2c377f-2722e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V4St4XySXaH01TVck77VAcx9XSf52PyCwOAgrPXndBJEMCmDCX%2BM3p1t0DIExfOqYkWydK5cHUGvZZRl3E1JoIxwJMCHi3zKhtc0xQ3ZX8NSDad7aLoB0SknP8rfF1euuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63d07049eea61766-FRA
expires
Wed, 30 Mar 2022 02:52:18 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://basfeilogdoct.ml
Hunter_College_High_School_(48059229647).jpg
upload.wikimedia.org/wikipedia/commons/d/dd/
11 MB
11 MB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/d/dd/Hunter_College_High_School_(48059229647).jpg
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
11ad7878fbdb5dff03128425c76dc55d006cc5f915883942ecd674e8dcb7181d
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:34:51 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
76647
x-cache-status
hit-local
x-cache
cp3051 hit, cp3061 pass
server-timing
cache;desc="hit-local", host;desc="cp3061"
content-length
11081135
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
r0f1ab26xcpzwzuwu8v3in9u3wgjv9s
last-modified
Fri, 14 Jun 2019 04:06:48 GMT
server
ATS/8.0.8
etag
ead4d1d69e2eb91fcbc8790aea8b1cfe
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
x-timestamp
1560485207.78992
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
largepreview.png
i1.rgstatic.net/publication/230590415_Barriers_to_Physical_Activity_in_East_Harlem_New_York/links/00b49519bbcd65e709000000/
43 B
499 B
Image
General
Full URL
https://i1.rgstatic.net/publication/230590415_Barriers_to_Physical_Activity_in_East_Harlem_New_York/links/00b49519bbcd65e709000000/largepreview.png
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:927 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 02:52:19 GMT
x-correlation-id
rgreq-b5f399a51e8dad04e93863382c0bb879
cf-cache-status
MISS
last-modified
Fri, 09 Apr 21 02:52:18 +0000
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
63d0704a1c964edf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
095624824f00004edfea80e000000001
expires
Thu, 19 Nov 1981 08:52:00 GMT
maryvale-rendering.png
maryvaleptaorg.files.wordpress.com/2019/09/
394 KB
395 KB
Image
General
Full URL
https://maryvaleptaorg.files.wordpress.com/2019/09/maryvale-rendering.png
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.22 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b403f432b35e7a480df9918699bc071caf65c68d22cc50f4fb7da706bcf9b4f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS arn 22 np
date
Fri, 09 Apr 2021 02:52:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Sep 2019 02:33:38 GMT
server
nginx
accept-ranges
bytes
vary
Origin
content-type
image/png
access-control-allow-origin
https://maryvaleptaorg.wordpress.com
x-orig-src
01_mogdir
access-control-allow-credentials
true
content-length
403801
expires
Sun, 02 May 2021 02:04:19 GMT
Covid-19-test-center.jpg
embrywomenshealth.com/wp-content/uploads/2020/07/
205 KB
205 KB
Image
General
Full URL
https://embrywomenshealth.com/wp-content/uploads/2020/07/Covid-19-test-center.jpg
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1114b8fdf641e5ec051a5667336cc6716f6c672a71bc4f08f793f7da7df5dd97

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
cf-cache-status
MISS
last-modified
Sun, 19 Jul 2020 15:09:07 GMT
server
cloudflare
etag
"332a1-5f146213-36e549;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
63d0704a18513140-FRA
content-length
209569
cf-request-id
095624824b00003140cc882000000001
expires
Fri, 16 Apr 2021 02:52:19 GMT
15070_0_866682.jpg
godatingsite.com/uploaded/1/8/
16 KB
16 KB
Image
General
Full URL
https://godatingsite.com/uploaded/1/8/15070_0_866682.jpg
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.222.24.105 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.lbs-to-kg.com
Software
Apache/2 /
Resource Hash
f5d6b76415201a637937e8ea75dca1861cbcd451188872547e3fa655c9d6627f

Request headers

Referer
http://basfeilogdoct.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
last-modified
Sun, 07 Apr 2019 19:49:24 GMT
server
Apache/2
etag
"3ff3-585f6044a9900"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16371
expires
Sun, 09 May 2021 02:52:19 GMT
9w6Z_AyujwQ
www.youtube.com/embed/ Frame E05C
51 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/9w6Z_AyujwQ
Requested by
Host: basfeilogdoct.ml
URL: http://basfeilogdoct.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
868271e501ab52bc087ac4c80364263e03fcf382ec6e782cab35c9dde0588c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/9w6Z_AyujwQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://basfeilogdoct.ml/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://basfeilogdoct.ml/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 09 Apr 2021 02:52:18 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=riAzraszn6o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oKRxSJJNqEo; Domain=.youtube.com; Expires=Wed, 06-Oct-2021 02:52:18 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+691; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/
14 KB
14 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://basfeilogdoct.ml
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 02:03:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:22 GMT
Server
sffe
Age
89356
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14380
X-XSS-Protection
0
Expires
Fri, 08 Apr 2022 02:03:02 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://basfeilogdoct.ml
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 02:03:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Nov 2020 22:01:55 GMT
Server
sffe
Age
89354
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7776
X-XSS-Protection
0
Expires
Fri, 08 Apr 2022 02:03:04 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/
15 KB
15 KB
Font
General
Full URL
http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://basfeilogdoct.ml
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 02:03:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:09:47 GMT
Server
sffe
Age
89355
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
14880
X-XSS-Protection
0
Expires
Fri, 08 Apr 2022 02:03:03 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://basfeilogdoct.ml
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 03:19:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 05 Nov 2020 22:01:48 GMT
Server
sffe
Age
84795
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7832
X-XSS-Protection
0
Expires
Fri, 08 Apr 2022 03:19:03 GMT
www-player-webp.css
www.youtube.com/s/player/1d7f16b4/ Frame E05C
356 KB
53 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88e0a3323df787ff708bc5f3e407898796ba8eff28cc360382ee427195376bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 15:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
212782
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53425
x-xss-protection
0
expires
Wed, 06 Apr 2022 15:45:56 GMT
www-embed-player.js
www.youtube.com/s/player/1d7f16b4/www-embed-player.vflset/ Frame E05C
174 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5a83d1a9d5cd5d03da79bc522572bff2685b7c4b1f4f68c53dd2a44ac4b4256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 15:46:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
212762
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63351
x-xss-protection
0
expires
Wed, 06 Apr 2022 15:46:16 GMT
base.js
www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/ Frame E05C
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67ac5cda138bb3d13e0998c873d5cf57995edaac561a7dbaced67b01e7cd20cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 16:01:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
39065
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1643753
x-xss-protection
0
expires
Fri, 08 Apr 2022 16:01:13 GMT
fetch-polyfill.js
www.youtube.com/s/player/1d7f16b4/fetch-polyfill.vflset/ Frame E05C
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 07:22:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
70161
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Fri, 08 Apr 2022 07:22:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E05C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
578921
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E05C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
559 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59a52d9160c549e34ffc8a266fa172b036dd7ee7a4ded05b9d3a2f1db5cad1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 09 Apr 2021 02:52:19 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E05C
29 B
407 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
675
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 09 Apr 2021 02:56:04 GMT
remote.js
www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/ Frame E05C
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4784af117d6a622d9fc0bd27c60b86bf06a7f444a20644672ad875d7dfb8dcf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 15:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
212758
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32721
x-xss-protection
0
expires
Wed, 06 Apr 2022 15:46:21 GMT
aeODL3IsgW4-lUbekjUPXfbd8dX-NY4OoxLW4uFDbgM.js
www.google.com/js/th/ Frame E05C
33 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/aeODL3IsgW4-lUbekjUPXfbd8dX-NY4OoxLW4uFDbgM.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69e3832f722c816e3e9546de92350f5df6ddf1d5fe358e0ea312d6e2e1436e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 16:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:00:00 GMT
server
sffe
age
468309
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12747
x-xss-protection
0
expires
Sun, 03 Apr 2022 16:47:10 GMT
embed.js
www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/ Frame E05C
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba789b68cad54c32c72abbfce1848ac55c88ad4f81ef2dbc33d610a34d326c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 15:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 00:22:30 GMT
server
sffe
age
212728
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7486
x-xss-protection
0
expires
Wed, 06 Apr 2022 15:46:51 GMT
truncated
/ Frame E05C
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwngttVN6gqZDIt3esZwgxM8X7VOXVf-7LLXsk2v5YQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E05C
3 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwngttVN6gqZDIt3esZwgxM8X7VOXVf-7LLXsk2v5YQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a592a49ceabf0cbdcab5842b700bf74bc91e37552dcad43bb9b37869ee0461f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 00:10:59 GMT
x-content-type-options
nosniff
age
9680
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3363
x-xss-protection
0
server
fife
etag
"v60b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 07 Apr 2021 03:14:20 GMT
sddefault.jpg
i.ytimg.com/vi/9w6Z_AyujwQ/ Frame E05C
72 KB
72 KB
Image
General
Full URL
https://i.ytimg.com/vi/9w6Z_AyujwQ/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b8a8bfe614b2057096554775b3d7624f012208d5f4b091eda89384fab667b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
x-content-type-options
nosniff
server
sffe
etag
"1495756368"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73434
x-xss-protection
0
expires
Fri, 09 Apr 2021 04:52:19 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E05C
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 09 Apr 2021 02:52:19 GMT
generate_204
www.youtube.com/ Frame E05C
0
38 B
Image
General
Full URL
https://www.youtube.com/generate_204?nGa0Vg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9w6Z_AyujwQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:52:19 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log_event
www.youtube.com/youtubei/v1/ Frame E05C
28 B
305 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d7f16b4/www-embed-player.vflset/www-embed-player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/9w6Z_AyujwQ
X-YouTube-Client-Version
1.20210405.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtvS1J4U0pKTnFFbyjigr-DBg%3D%3D
X-YouTube-Ad-Signals
dt=1617936739026&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKorvg0zbW1MLm0-EneSQy4jpH971GHU9XmSbXB5-81VNxpL1qD4f2fGxA-VfAUyfvNZV25IJFhJMUlV0521O7O6ifJMBQ

Response headers

date
Fri, 09 Apr 2021 02:52:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 09 Apr 2021 02:52:29 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: riAzraszn6o
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: oKRxSJJNqEo
basfeilogdoct.ml/ Name: ch1c
Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

basfeilogdoct.ml
cdnjs.cloudflare.com
embrywomenshealth.com
fonts.googleapis.com
fonts.gstatic.com
godatingsite.com
googleads.g.doubleclick.net
i.ytimg.com
i1.rgstatic.net
maryvaleptaorg.files.wordpress.com
static.doubleclick.net
upload.wikimedia.org
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
192.0.72.22
2606:4700:10::6816:4ef3
2606:4700:3032::6815:1b9
2606:4700::6810:125e
2606:4700::6812:927
2620:0:862:ed1a::2:b
2a00:1450:4001:801::200a
2a00:1450:4001:801::2016
2a00:1450:4001:803::2003
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::200e
67.222.24.105
1114b8fdf641e5ec051a5667336cc6716f6c672a71bc4f08f793f7da7df5dd97
11ad7878fbdb5dff03128425c76dc55d006cc5f915883942ecd674e8dcb7181d
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4784af117d6a622d9fc0bd27c60b86bf06a7f444a20644672ad875d7dfb8dcf1
4a592a49ceabf0cbdcab5842b700bf74bc91e37552dcad43bb9b37869ee0461f
59a52d9160c549e34ffc8a266fa172b036dd7ee7a4ded05b9d3a2f1db5cad1e2
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
64f9990414c6f684965940e59100224d1b14b86680d69ce42d23398feb93e5e1
67ac5cda138bb3d13e0998c873d5cf57995edaac561a7dbaced67b01e7cd20cb
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69e3832f722c816e3e9546de92350f5df6ddf1d5fe358e0ea312d6e2e1436e03
868271e501ab52bc087ac4c80364263e03fcf382ec6e782cab35c9dde0588c5b
88e0a3323df787ff708bc5f3e407898796ba8eff28cc360382ee427195376bb8
9b8a8bfe614b2057096554775b3d7624f012208d5f4b091eda89384fab667b80
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a5a83d1a9d5cd5d03da79bc522572bff2685b7c4b1f4f68c53dd2a44ac4b4256
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b403f432b35e7a480df9918699bc071caf65c68d22cc50f4fb7da706bcf9b4f1
ba789b68cad54c32c72abbfce1848ac55c88ad4f81ef2dbc33d610a34d326c09
c27427241de0f9f5009c79dc38f8c74e5fd1ba75219a902112736533c30f42e9
d32044294e568c03a11e43a06eaabc3e23a5ebbe55c4d322c907015dc97f014a
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5d6b76415201a637937e8ea75dca1861cbcd451188872547e3fa655c9d6627f