urlscan.io logo urlscan.io
SecurityTrails logo

www.freegoogleplaycodes.realrocco.com Open in urlscan Pro
77.81.121.41  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.freegoogleplaycodes.realrocco.com/
Submission Tags: @phishunt_io
Submission: On October 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 77.81.121.41, located in Amsterdam, Netherlands and belongs to KNOWNSRV, NL. The main domain is www.freegoogleplaycodes.realrocco.com.
TLS certificate: Issued by R3 on October 7th 2021. Valid for: 3 months.
This is the only time www.freegoogleplaycodes.realrocco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    77.81.121.41 (Amsterdam, Netherlands)

ASN200514 (KNOWNSRV, NL)
www.freegoogleplaycodes.realrocco.com
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
Domain Requested by
8 www.youtube.com www.freegoogleplaycodes.realrocco.com
www.youtube.com
6 www.freegoogleplaycodes.realrocco.com www.freegoogleplaycodes.realrocco.com
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.googleapis.com www.freegoogleplaycodes.realrocco.com
1 static.doubleclick.net www.youtube.com
22 6

This site contains links to these domains. Also see Links.

Domain
freegoogleplaycodes.realrocco.com
Subject Issuer Validity Valid
www.realhanks.realrocco.com
R3		 2021-10-07 -
2022-01-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://www.freegoogleplaycodes.realrocco.com/
Frame ID: 5AF07D7E82D75F4FEA7D63FDD9EFB126
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8D8nXhdbPMA
Frame ID: A043432B2E01B1582537139CC278472A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Google Play Codes Generator - No Survey (Fast Server)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

843 kB
Transfer

2863 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.freegoogleplaycodes.realrocco.com/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
6cda851c0ef27f817afddd7ffa507abc1e6fe690155650a0737735114500f9d2

Request headers

Host
www.freegoogleplaycodes.realrocco.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Last-Modified
Wed, 08 Jan 2020 10:28:03 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
3939
Content-Type
text/html
X-Varnish
246891303
Age
0
X-Cache
MISS
Accept-Ranges
bytes
Connection
keep-alive
bootstrap.min.css
www.freegoogleplaycodes.realrocco.com/vendor/bootstrap/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.freegoogleplaycodes.realrocco.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Apr 2019 17:07:08 GMT
Age
0
Vary
Accept-Encoding,User-Agent
X-Cache
MISS
X-Varnish
246891305
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
21047
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Catamaran:100,200,300,400,500,600,700,800,900
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efd2de711ea02b48fbe18ffcb3528fcea09a247e681d7c86df931b6dd684c268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 04:46:31 GMT
server
ESF
date
Fri, 08 Oct 2021 05:12:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 08 Oct 2021 05:12:27 GMT
css
fonts.googleapis.com/ 		7 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50069dd80a131b78b7fd612ad86927814782ddff1f58c06c376f0d9bf90ff051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 08 Oct 2021 05:12:27 GMT
server
ESF
date
Fri, 08 Oct 2021 05:12:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 08 Oct 2021 05:12:27 GMT
one-page-wonder.min.css
www.freegoogleplaycodes.realrocco.com/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/css/one-page-wonder.min.css
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
ac74e534180b27f356c9189c73c69b412c78e3cd079a6eb65e835f80bbb0de3b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.freegoogleplaycodes.realrocco.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Sep 2018 02:54:24 GMT
Age
0
Vary
Accept-Encoding,User-Agent
X-Cache
MISS
X-Varnish
242246063
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
953
b5cb917c6c3905933f7989e0e74726fa_1.js
www.freegoogleplaycodes.realrocco.com/cdn.sendpulse.com/js/push/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/cdn.sendpulse.com/js/push/b5cb917c6c3905933f7989e0e74726fa_1.js
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
991d0cb33a59b69f970692aaa2b948626d53af498764385bebba1a29afa7c6ea

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.freegoogleplaycodes.realrocco.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 11:47:24 GMT
Age
0
Vary
Accept-Encoding,User-Agent
X-Cache
MISS
X-Varnish
243298969
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
13102
jquery.min.js
www.freegoogleplaycodes.realrocco.com/vendor/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/vendor/jquery/jquery.min.js
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.freegoogleplaycodes.realrocco.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Apr 2019 17:07:08 GMT
Age
0
Vary
Accept-Encoding,User-Agent
X-Cache
MISS
X-Varnish
249732718
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
30307
bootstrap.bundle.min.js
www.freegoogleplaycodes.realrocco.com/vendor/bootstrap/js/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.freegoogleplaycodes.realrocco.com/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.81.121.41 Amsterdam, Netherlands, ASN200514 (KNOWNSRV, NL),
Reverse DNS
Software
/
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.freegoogleplaycodes.realrocco.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 08 Oct 2021 05:12:27 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Apr 2019 17:07:08 GMT
Age
0
Vary
Accept-Encoding,User-Agent
X-Cache
MISS
X-Varnish
248854044
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
20693
8D8nXhdbPMA
www.youtube.com/embed/ Frame A043 		49 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/8D8nXhdbPMA
Requested by
Host: www.freegoogleplaycodes.realrocco.com
URL: https://www.freegoogleplaycodes.realrocco.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1eee5f13bf9fdbc2f4e61e8b6a99f16be5d3d2d9b101faf6ecf779a08dce9280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/8D8nXhdbPMA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.freegoogleplaycodes.realrocco.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.freegoogleplaycodes.realrocco.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 08 Oct 2021 05:12:27 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=B32y_U65zBw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=I0V1chuu490; Domain=.youtube.com; Expires=Wed, 06-Apr-2022 05:12:27 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+123; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:13:08 GMT
x-content-type-options
nosniff
age
262759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:13:08 GMT
o-0IIpQoyXQa2RxT7-5r5TRA.woff2
fonts.gstatic.com/s/catamaran/v8/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/catamaran/v8/o-0IIpQoyXQa2RxT7-5r5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Catamaran:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b50be768f2ccf5cc794e5ead078be652a9f1f9da04cbf1ed4601a3832fb6dd41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:36:48 GMT
x-content-type-options
nosniff
age
477339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32860
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 02 Oct 2022 16:36:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.freegoogleplaycodes.realrocco.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 06:39:46 GMT
x-content-type-options
nosniff
age
426761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 03 Oct 2022 06:39:46 GMT
www-player-webp.css
www.youtube.com/s/player/37e2b9da/ Frame A043 		332 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/37e2b9da/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e634faa593de2f23eb01094d422f25d59063be4dda5e73868485e12c7ea74cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 00:56:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
101756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46754
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:21:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Oct 2022 00:56:31 GMT
www-embed-player.js
www.youtube.com/s/player/37e2b9da/www-embed-player.vflset/ Frame A043 		206 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/37e2b9da/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59b511b63c3883f58a06afc4938cb6f5e82bb02a7f7237df74e56a99dc6ba51b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 00:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
102224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69035
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:21:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Oct 2022 00:48:43 GMT
base.js
www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/ Frame A043 		2 MB
510 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90b3f8bb2e8124727e2fb3033fa0cebbc25b8b3366bca201042d0739cf223564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 00:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
102225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
522332
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:21:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Oct 2022 00:48:42 GMT
fetch-polyfill.js
www.youtube.com/s/player/37e2b9da/fetch-polyfill.vflset/ Frame A043 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/37e2b9da/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 00:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
102224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:21:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Oct 2022 00:48:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A043 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:07:47 GMT
x-content-type-options
nosniff
age
245080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 09:07:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A043
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8D8nXhdbPMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b7af2e786c8b2ef84b87bf38ca6682bea48d728f4a44f2604b0ae0ff38b6102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 05:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Oct 2021 05:12:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A043 		29 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/37e2b9da/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 05:04:51 GMT
x-content-type-options
nosniff
age
456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Oct 2021 05:19:51 GMT
qoe
www.youtube.com/api/stats/ Frame A043 		0
200 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=WsdpgFlrh0lT3kex&el=embedded&docid=8D8nXhdbPMA&ns=yt&fexp=23748146%2C23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24047104%2C24064555%2C24080738%2C24082661%2C24084198%2C24101841%2C24106092&cl=400999777&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211005.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/8D8nXhdbPMA
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 05:12:27 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/ Frame A043 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/37e2b9da/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e96b9b57c60541160adcedecbd8e3e0643cbce5b6f3cb8623655da39ec78cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 01:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
101537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7362
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 00:21:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 07 Oct 2022 01:00:10 GMT
truncated
/ Frame A043 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
log_event
www.youtube.com/youtubei/v1/ Frame A043 		28 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/37e2b9da/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/8D8nXhdbPMA
X-YouTube-Client-Version
1.20211005.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtJMFYxY2h1dTQ5MCi7pv-KBg%3D%3D
X-YouTube-Ad-Signals
dt=1633669947797&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKp_0jV5a0IRkrgsHlHnFk2wVheEW-Vx2kq6_M-ZQyTLoOiJaH4JrdDoXDvwJbTYWnyCtO3H6zer3qXGypxnxSeVCfk5ow

Response headers

date
Fri, 08 Oct 2021 05:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 08 Oct 2021 05:12:30 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| oSpPOptions function| oSendpulsePush object| oSpP function| UAParser function| $ function| jQuery object| bootstrap

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: B32y_U65zBw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: I0V1chuu490
.doubleclick.net/ Name: IDE
Value: AHWqTUmybUA3n2sRG-fIsBKJetoSCGlL3HC4ydEniAJUih0ndSwd3xITtSFbr5IW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
static.doubleclick.net
www.freegoogleplaycodes.realrocco.com
www.youtube.com
2a00:1450:4001:800::200a
2a00:1450:4001:803::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2006
77.81.121.41
0b7af2e786c8b2ef84b87bf38ca6682bea48d728f4a44f2604b0ae0ff38b6102
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e96b9b57c60541160adcedecbd8e3e0643cbce5b6f3cb8623655da39ec78cb8
1eee5f13bf9fdbc2f4e61e8b6a99f16be5d3d2d9b101faf6ecf779a08dce9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
50069dd80a131b78b7fd612ad86927814782ddff1f58c06c376f0d9bf90ff051
59b511b63c3883f58a06afc4938cb6f5e82bb02a7f7237df74e56a99dc6ba51b
5e634faa593de2f23eb01094d422f25d59063be4dda5e73868485e12c7ea74cb
6cda851c0ef27f817afddd7ffa507abc1e6fe690155650a0737735114500f9d2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3
90b3f8bb2e8124727e2fb3033fa0cebbc25b8b3366bca201042d0739cf223564
991d0cb33a59b69f970692aaa2b948626d53af498764385bebba1a29afa7c6ea
ac74e534180b27f356c9189c73c69b412c78e3cd079a6eb65e835f80bbb0de3b
b50be768f2ccf5cc794e5ead078be652a9f1f9da04cbf1ed4601a3832fb6dd41
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efd2de711ea02b48fbe18ffcb3528fcea09a247e681d7c86df931b6dd684c268