urlscan.io logo urlscan.io
SecurityTrails logo

downrips.xyz Open in urlscan Pro
2606:4700:e6::ac40:ca1d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://downrips.xyz/
Effective URL: https://downrips.xyz/
Submission Tags: tranco_l324
Submission: On November 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2606:4700:e6::ac40:ca1d, located in United States and belongs to CLOUDFLARENET, US. The main domain is downrips.xyz.
TLS certificate: Issued by R3 on October 31st 2021. Valid for: 3 months.
This is the only time downrips.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 192.243.59.13 39572 (ADVANCEDH...)
1 4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 130.211.31.231 15169 (GOOGLE)
24 10
7    2606:4700:e6::ac40:ca1d (United States)

ASN13335 (CLOUDFLARENET, US)
downrips.xyz
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
urgesick.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
8    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2606:4700:3037::ac43:bd78 (United States)

ASN13335 (CLOUDFLARENET, US)
superonclick.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    130.211.31.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.31.211.130.bc.googleusercontent.com
discovernative.com
Domain Requested by
8 www.youtube.com downrips.xyz
www.youtube.com
7 downrips.xyz 1 redirects downrips.xyz
3 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
2 superonclick.com downrips.xyz
1 discovernative.com downrips.xyz
1 ufpcdn.com superonclick.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 pagead2.googlesyndication.com downrips.xyz
1 urgesick.com downrips.xyz
24 10

This site contains links to these domains. Also see Links.

Domain
discovernative.com
Subject Issuer Validity Valid
*.downrips.xyz
R3		 2021-10-31 -
2022-01-29		 3 months crt.sh
urgesick.com
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
discovernative.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-04 -
2022-03-04		 a year crt.sh

This page contains 4 frames:

Primary Page: https://downrips.xyz/
Frame ID: 562907EDB364D79949539E7DF7D0B57A
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gV4cPxiARps
Frame ID: 8CE39B1F90B3D7707FAD8DB4CABCE5B3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: EFCFA877699AB3D58DFEA06244DADA6D
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 6D6453F9A7B920BC8696F49A251F191F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Embed Videos | Embed Videos Online Free

Page URL History Show full URLs

  1. http://downrips.xyz/ HTTP 301
    https://downrips.xyz/ Page URL

Page Statistics

24
Requests

96 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

806 kB
Transfer

2798 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downrips.xyz/ HTTP 301
    https://downrips.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
downrips.xyz/
Redirect Chain
  • http://downrips.xyz/
  • https://downrips.xyz/
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2c618e9cefb257b7b41239ca51d5022faf8ed7ffda1db6bf42fed3de39c207

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-type
text/html; charset=UTF-8
link
<http://downrips.xyz/index.php?rest_route=/>; rel="https://api.w.org/", <http://downrips.xyz/index.php?rest_route=/wp/v2/pages/8339>; rel="alternate"; type="application/json", <http://downrips.xyz/>; rel=shortlink
x-proxy-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sX2R7QDalhVAcoeMZ9BRC86aWlnWte99fgS76Wz6IWSLMnvm5Uh7eRG2GigPGbw%2FQubYKc0doi2tDfNh3gErmiLpPdaMj%2B%2BfYbdqKOwGrBbqaolTnGODPEE4x3akn7OdlJuSXMePVhuK5mQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b08baecc9a14e74-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Fri, 19 Nov 2021 10:24:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 19 Nov 2021 11:24:40 GMT
Location
https://downrips.xyz/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2YFImtZIp%2Fbzu2Sl%2B0U1lnzi%2F2dXX8RL56fBgLJyHq8im%2BL2rXpzXoIJrUnIOIhNgPAY26EamiEItCRJQzfWptjOJyeYDABZxMeHCbe5qMSqutlwRXPt0vkYI66O6T3hjhtpu%2BTa7S6Bt8%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b08baec89e87039-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
downrips.xyz/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downrips.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Sep 2021 09:28:27 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2W5LuFbtU%2B%2Bj0DxrzU%2BMZ3M9yrPOhwI3muzts6ixUOIBL2xuwc3RUQUw5z72ZiHr9Yc6sPJSjkjgCR3f%2FkX2sTLouBsHOvokpgLhtlb1gR0C79sH0ATZTHuwPnLSwrZz3atTTl9TsQNSWA%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b08baee2c4f4e74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
downrips.xyz/wp-content/themes/ivideo/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28da7b11c017339be74c494cdcfe55119d5169c5eb1f473cc902c9e68c200965

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Jul 2015 15:50:54 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJihDYjfrrqBHjvNlYe5OEpsOioB4bgybakQWi3Oh4tbDFIBqYTm%2B0Ro2fSHb8c%2B641n8aGCLANyC1wzJ9ADnaCVL9XL%2B035iyZJGcdBxFW9AXLIfigMrncvHiymphm61PKb5q4HeljcPsc%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b08baee2c534e74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invisible.js
downrips.xyz/cdn-cgi/challenge-platform/h/b/scripts/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downrips.xyz/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18aee6953ab1da5957377bd36024f362e60de87b2f6e243ad8edf906cbc0447

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9nmrdfuKPq5Q1GMsBRWmw0pSogc%2BNGbnR5bPxjn3B6qyinTYi71whbdJHEGiLn%2Fsg6M8ZwmZLLHDQmfLCwPSmZToymEp2scKaWCjCUhQA%2FqnXTkbJO1Br7zrb8ixrzhJC87xKTWxPjthLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6b08baee2c554e74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
downrips.xyz/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://downrips.xyz/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Sep 2021 09:28:27 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IHI%2BxaSBXywXD%2F0IXrYPsZki2%2FgJRxTcVdoGIMwSsNA4T6TraCnZK2Oe3o2EKb5RDpUXiir0JMkX4tYAKEUcuuy24fpQCgQBzTzCcBGuSurhr9eKzMbsogSk4jYYY%2Bb7V6fTVjRYBoVvAw%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b08baee2c544e74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6ddcac927095db08c4d682452dc28c3b.js
urgesick.com/6d/dc/ac/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://urgesick.com/6d/dc/ac/6ddcac927095db08c4d682452dc28c3b.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 10:24:41 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58a2515654d4fd62ad09719024b47595d552a4ff42ea0fdcab882702c763fbd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51181
x-xss-protection
0
server
cafe
etag
7416778922242415356
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Nov 2021 10:24:40 GMT
white_sand.png
downrips.xyz/wp-content/themes/ivideo/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://downrips.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:40 GMT
cf-cache-status
BYPASS
last-modified
Mon, 20 Jul 2015 14:56:46 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5geg6G5YOoHsE9ycrZ%2FpUspJ%2BgdTrXMKTurBudh8Tnas%2FGEhFHrjBuG8gkIgsWcyTrg%2BJS2L3ndZVLiI%2Fmhvx24G9T5hUFnba4QKQ4YmuwGGC%2FvruQvHt%2Bfru9i6fpg5zLMjyYYILoEAzAg%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6b08baee6cac4e74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21591
gV4cPxiARps
www.youtube.com/embed/ Frame 8CE3 		51 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/gV4cPxiARps
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2186acbbd0719d8820db84017c242cf50b4102dfdb765c454680a919ed551e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 19 Nov 2021 10:24:40 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame EFCF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Nov 2021 06:55:30 GMT
expires
Fri, 03 Dec 2021 06:55:30 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
12550
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
native_render.js
superonclick.com/script/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
x-guploader-uploadid
ADPycdvoa8H_yL7lng1wpll3kZDUKdtyrMQHUfofmTSSw4FbaYvV70MglspfwFyZCZ1GC86N3MmGDqxEUa_j862MIEp3TxS09Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lKEi%2FfA%2FgyqViauJ%2FZ8tVp6hFm5uP9SSLdjcWEDLAaIMmE8gAGazsmHu1no1YY2B0Z0kuHnBWSJR1UR2mxuMvhBmx3DGFdIgdbcoVSvjtperheUUUpVtYGTgydOMxd2xoho8VV1EqL6yrMcJVuw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052950916101
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
4285
cf-ray
6b08baef3aba6925-FRA
expires
Fri, 19 Nov 2021 10:28:37 GMT
native_server.js
superonclick.com/script/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date
Fri, 19 Nov 2021 10:24:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3363
x-guploader-uploadid
ADPycdt9-0Neg4qFlc1_qS1vxIkTfSADI55e8o4DTVjsirsAtnZdG2zERZgfrvWjZCvKfo0PVKip84u1VR0PJqBrt3wCn5XggA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijbidof37LjlkTFKaZxY2ulVq35i4%2F3T8vapGWtz2skXg3KZlGsBCs6NFVYDZzEOz1Y%2BwOY7ysvBmSoYYwi5Fs0yEd%2BQfOwFWULHlULg%2FuxWdn5PjvFX0ofzQHiB3P%2FaN45LrT5N79%2FseTmZ4eiG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052952705094
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
9260
cf-ray
6b08baef3abc6925-FRA
expires
Fri, 19 Nov 2021 09:41:39 GMT
www-player-webp.css
www.youtube.com/s/player/ad2aeb77/ Frame 8CE3 		336 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ad2aeb77/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:36:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
67685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47193
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Nov 2022 15:36:35 GMT
www-embed-player.js
www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/ Frame 8CE3 		214 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
67700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71869
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Nov 2022 15:36:20 GMT
base.js
www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/ Frame 8CE3 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7954f007e9aa82d6e368ba89484584d864ed1939ad5b3ba187c26dc38e3901f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:37:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
67656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
534562
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Nov 2022 15:37:04 GMT
fetch-polyfill.js
www.youtube.com/s/player/ad2aeb77/fetch-polyfill.vflset/ Frame 8CE3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ad2aeb77/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
67700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Nov 2022 15:36:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8CE3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
235079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 17:06:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8CE3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a153e3750831bfd8904396f01f56617d89f19e51e72d64a95c4d4cdab91d633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:24:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 19 Nov 2021 10:24:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8CE3 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 10:12:28 GMT
x-content-type-options
nosniff
age
732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Nov 2021 10:27:28 GMT
qoe
www.youtube.com/api/stats/ Frame 8CE3 		0
19 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=KkkzTo8_sTJz975y&el=embedded&docid=gV4cPxiARps&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24027708%2C24064555%2C24080738%2C24082662%2C24115508%2C24116772%2C24129402%2C24129452%2C24136255&cl=410645725&seq=1&cbr=Chrome&cbrver=96.0.4664.45&c=WEB_EMBEDDED_PLAYER&cver=1.20211117.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/gV4cPxiARps
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Nov 2021 10:24:41 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/ Frame 8CE3 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d93cac9e8d3c8802a1926a35ce2117c2765d4784d7937dd81e93a6a5155982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:37:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
67656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7357
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 18 Nov 2022 15:37:05 GMT
truncated
/ Frame 8CE3 		319 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e15532983f0e76d961ddc14f26416f39cbe4cf7e8b0a4e0c962876fff03d4a2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
identify.html
ufpcdn.com/script/ Frame 6D64 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

date
Fri, 19 Nov 2021 10:24:41 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh%2FeKuDPHuGS%2BWkP3KGekTjUvdepYsZ9%2BF3w0mDLmlHSqDU9QymOdpy0Li7HptbJvaUMdGoFrcpFLO29PwYz9kyQPrZ6mUHO30sgxUqXFz2k2ud15dOAlaGihDFOVtsIQr5Ywztapdk5"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b08baf0dbf04e7a-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
native.php
discovernative.com/script/ 		0
71 B 		Script
General
Check archive.org
Download Go to
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=4910275&cbrandom=0.8130733776196322&cbWidth=1600&cbHeight=1200&cbtitle=Embed%20Videos%20%7C%20Embed%20Videos%20Online%20Free&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&ufp=12498268411862359430977489530&callback=jsonp242542
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.31.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 19 Nov 2021 10:24:41 GMT
via
1.1 google
server
openresty
alt-svc
clear
log_event
www.youtube.com/youtubei/v1/ Frame 8CE3 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/ad2aeb77/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/gV4cPxiARps
X-YouTube-Client-Version
1.20211117.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtYQWZac0dpRkNqSSjo9t2MBg%3D%3D
X-YouTube-Ad-Signals
dt=1637317480870&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C400&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 19 Nov 2021 10:24:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 19 Nov 2021 10:24:43 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers object| wp function| __cf_worker_run_after_load function| __cf_run_after_load object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach boolean| wait function| native_request string| zone object| adcashUfp function| jsonp242542 object| __CF$cv$params

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: lm5i0TpLbT0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: XAfZsGiFCjI
.ufpcdn.com/ Name: __cf_bm
Value: SB9v3nmq_O1DRzzYHcDCInnzjJLkAbBApEluoJE2yuc-1637317481-0-AX7OkIsn8jDVs8J0g1S+TVMP5edlGh4GCnmBwn+Fbs4A/3+cCqxtEJhcllHSGe1gXTfzlK+2A7D6ZPSI3MlPFhQ=
downrips.xyz/ Name: adcashufpv3
Value: 12498268411862359430977489530

1 Console Messages

Source Level URL
Text
network error URL: https://urgesick.com/6d/dc/ac/6ddcac927095db08c4d682452dc28c3b.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discovernative.com
downrips.xyz
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.doubleclick.net
superonclick.com
ufpcdn.com
urgesick.com
www.youtube.com
130.211.31.231
192.243.59.13
2606:4700:3037::ac43:8e31
2606:4700:3037::ac43:bd78
2606:4700:e6::ac40:ca1d
2a00:1450:4001:802::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f
1b2c618e9cefb257b7b41239ca51d5022faf8ed7ffda1db6bf42fed3de39c207
28da7b11c017339be74c494cdcfe55119d5169c5eb1f473cc902c9e68c200965
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
58a2515654d4fd62ad09719024b47595d552a4ff42ea0fdcab882702c763fbd3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
6aaf90b8a7792c137daa8a324bfc07b5bf47a1b4c71bdb4e2b8675008b48afee
7954f007e9aa82d6e368ba89484584d864ed1939ad5b3ba187c26dc38e3901f3
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
8a153e3750831bfd8904396f01f56617d89f19e51e72d64a95c4d4cdab91d633
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a0d93cac9e8d3c8802a1926a35ce2117c2765d4784d7937dd81e93a6a5155982
c2186acbbd0719d8820db84017c242cf50b4102dfdb765c454680a919ed551e3
d59215215ab74c1db96fd8ab0ab80ca05ebbbae6afc8ba156c5ae53b83fd652a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e15532983f0e76d961ddc14f26416f39cbe4cf7e8b0a4e0c962876fff03d4a2c
e18aee6953ab1da5957377bd36024f362e60de87b2f6e243ad8edf906cbc0447
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a