urlscan.io logo urlscan.io
SecurityTrails logo

wish.ninkbeschnonprub.tk Open in urlscan Pro
2606:4700:3035::ac43:8c32  Public Scan

Go To Rescan Add Verdict Report
URL: http://wish.ninkbeschnonprub.tk/
Submission: On December 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::ac43:8c32, located in United States and belongs to CLOUDFLARENET, US. The main domain is wish.ninkbeschnonprub.tk.
This is the only time wish.ninkbeschnonprub.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3035::ac43:8c32 (United States)

ASN13335 (CLOUDFLARENET, US)
wish.ninkbeschnonprub.tk
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.196.43.220 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-43-220.ap-northeast-1.compute.amazonaws.com
comingout.tokyo
2    125.63.35.54 (Chiyoda-ku, Japan)

ASN24278 (USEN-NET USEN CORPORATION, JP)
PTR: 125x63x35x54.rev.usen.com
image.hitosara.com
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:200::591 (United States)

ASN54113 (FASTLY, US)
img-mdpr.freetls.fastly.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
581 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
28 KB
2 hitosara.com
image.hitosara.com
431 KB
1 fastly.net
img-mdpr.freetls.fastly.net
42 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 73
584 B
1 comingout.tokyo
comingout.tokyo
201 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
1 ninkbeschnonprub.tk
wish.ninkbeschnonprub.tk
44 KB
19 8
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com wish.ninkbeschnonprub.tk
www.google.com
www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 image.hitosara.com wish.ninkbeschnonprub.tk
1 img-mdpr.freetls.fastly.net wish.ninkbeschnonprub.tk
1 www.youtube.com 1 redirects
1 comingout.tokyo wish.ninkbeschnonprub.tk
1 fonts.googleapis.com wish.ninkbeschnonprub.tk
1 wish.ninkbeschnonprub.tk
19 9

This site contains no links.

Subject Issuer Validity Valid
comingout.tokyo
Amazon		 2022-10-30 -
2023-11-27		 a year crt.sh
*.hitosara.com
GlobalSign RSA OV SSL CA 2018		 2022-02-08 -
2023-03-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://wish.ninkbeschnonprub.tk/
Frame ID: C294BF1649478FBFC9A35B5A4CEA215E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Frame ID: DC93526405F5F129473E1E3003C67C72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Frame ID: 75175735E7786A40A2FC10AC09D64330
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: A11D458B8AC4B42E743DAD25CB45BD5A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

【2020年】はじめての四国・愛媛【松山】の旅行計画なら"王道"観光スポットをチェック!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

84 %
HTTPS

78 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

1128 kB
Transfer

2050 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.youtube.com/embed/UwCKZ2n5RzE HTTP 302
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wish.ninkbeschnonprub.tk/ 		132 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://wish.ninkbeschnonprub.tk/
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:8c32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51454c21622e490724e14768b7b5c94cfc34149d819e370cb2b79acbf205a012

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77c425792cbd8ffb-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Dec 2022 00:08:56 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nxep5n4%2FvcJi9kcGNsRHKuPRNO0%2F1RrivsNKQOUtLrwFxtIx0GY4IjrKatIkzZqREVVtCIvSTuXD0uL3EiZO%2F65SLPpPFrVIFoZle7HArbop7Vo6wIn9F2vY0HtxKbD3a7FoIBpeoBm3oJmraQZzJDbEXT9sI2M%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://wish.ninkbeschnonprub.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 00:08:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 20 Dec 2022 00:04:58 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 20 Dec 2022 00:08:56 GMT
0bf3fec57c36547aaab65079968545bb.png
comingout.tokyo/wp-content/uploads/2020/09/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comingout.tokyo/wp-content/uploads/2020/09/0bf3fec57c36547aaab65079968545bb.png
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.43.220 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-43-220.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://wish.ninkbeschnonprub.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Dec 2022 00:08:57 GMT
cache-control
no-cache, no-store, must-revalidate
server
Apache
x-frame-options
SAMEORIGIN
expires
0
0006073028F9_551x413y.jpg
image.hitosara.com/gg/image/0006073028/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.hitosara.com/gg/image/0006073028/0006073028F9_551x413y.jpg
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.63.35.54 Chiyoda-ku, Japan, ASN24278 (USEN-NET USEN CORPORATION, JP),
Reverse DNS
125x63x35x54.rev.usen.com
Software
Apache /
Resource Hash
1b0c14a8bfab35029ca2ef97b852ba923a7f71972aff01a5da5ede7dacb42686

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://wish.ninkbeschnonprub.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 00:08:57 GMT
Last-Modified
Wed, 02 Nov 2022 09:57:40 GMT
Server
Apache
ETag
"7ba21-5ec79defeed00"
Content-Type
image/jpeg
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
336298
Expires
Tue, 20 Dec 2022 01:08:57 GMT
0006073028K1_740x555y.jpg
image.hitosara.com/gg/image/0006073028/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.hitosara.com/gg/image/0006073028/0006073028K1_740x555y.jpg
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
125.63.35.54 Chiyoda-ku, Japan, ASN24278 (USEN-NET USEN CORPORATION, JP),
Reverse DNS
125x63x35x54.rev.usen.com
Software
Apache /
Resource Hash
3f6db76049855d9891f9222eead65006f856c653711ce92f7fda5d0987a3c748

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://wish.ninkbeschnonprub.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 20 Dec 2022 00:08:57 GMT
Last-Modified
Wed, 02 Nov 2022 09:57:40 GMT
Server
Apache
ETag
"a52d-5ec79defeed00"
Content-Type
image/jpeg
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
104806
Expires
Tue, 20 Dec 2022 01:08:57 GMT
index
www.google.com/sorry/ Frame DC93
Redirect Chain
  • https://www.youtube.com/embed/UwCKZ2n5RzE
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
a6f4de203f564af028e35b3ed99fb94f8e987920be178fe977a02a0894a9637e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://wish.ninkbeschnonprub.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-store, no-cache, must-revalidate
content-length
3342
content-type
text/html
date
Tue, 20 Dec 2022 00:08:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-store, no-cache, must-revalidate
content-length
392
content-type
text/html; charset=UTF-8
date
Tue, 20 Dec 2022 00:08:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
xRjZoAmih99s4PiysQh3wJGEDhLwfSoM8PqbnHQnJcA.jpg
img-mdpr.freetls.fastly.net/article/xRjZ/nm/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-mdpr.freetls.fastly.net/article/xRjZ/nm/xRjZoAmih99s4PiysQh3wJGEDhLwfSoM8PqbnHQnJcA.jpg?width=700&disable=upscale&auto=webp
Requested by
Host: wish.ninkbeschnonprub.tk
URL: http://wish.ninkbeschnonprub.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4d57bea07ffa9ac19d1853bafb40d3d9cbe01cc9793debe74e79bb1c9b34f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://wish.ninkbeschnonprub.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 20 Dec 2022 00:08:57 GMT
via
1.1 varnish, 1.1 varnish
x-amz-request-id
JC81NE58N0WHEE6E
age
0
x-cache
MISS, MISS
fastly-io-info
ifsz=1061303 idim=1600x1065 ifmt=jpeg ofsz=42228 odim=700x466 ofmt=webp
fastly-stats
io=1
content-length
42228
x-amz-id-2
QTCVLg//ybMxCiaf2heaKZ95Ph5YsLPntUlzIupvB/mOqeOJbAnqdDKNWeSuirX/kmGnkJpAZbY=
x-served-by
cache-tyo11974-TYO, cache-hhn-etou8220035-HHN
server
AmazonS3
x-timer
S1671494937.620924,VS0,VE511
etag
"UkHNkx/NjgriQrz0Qzgu8uKuPbVI1//II7jNzIcNhwQ"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 00:08:57 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://wish.ninkbeschnonprub.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 17 Dec 2022 03:51:30 GMT
X-Content-Type-Options
nosniff
Age
245846
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
27268
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:56:23 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 17 Dec 2023 03:51:30 GMT
api.js
www.google.com/recaptcha/ Frame DC93 		850 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 00:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2022 00:08:57 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame DC93 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 18:52:20 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7517 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a25224243e09c82aec01fdbd72842b7236db57ebe9ddfec170a5aef9519b71c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fz1pH3R1K3aJr7GS_uGhKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23217
content-security-policy
script-src 'report-sample' 'nonce-fz1pH3R1K3aJr7GS_uGhKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 00:08:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 7517 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 15:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 15:12:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 7517 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 18:52:20 GMT
truncated
/ Frame 7517 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7517 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7517 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
361728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7517 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options
nosniff
age
215468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 12:17:50 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7517 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&s=T606sgARzGF2pTkW7YdkPxjLt_kiF2fCVwZsUVqbhAhyrZ-CqQwP4qXlV67JAR6XX8fv3GA6sQkwXkpRV6s5b6SNa3GUKJT0J5nNNk_mnlMTVhXj7QrIpVXRKt3LRIAa19mPOXwsClUPJL4ad8F3BsRRQ5wOMsiGmD1eDJvDaqq4N3VuViSX0ELCKsHbkN_66NTPh-UiFzy1tfNmcIsGIGoLZQjb7qN-5V_mMDNz9P08R74kwz8zPei-lVTskXblxUb9-ieBdX6wC8l3E9FOB0ZCe4w1cPs&cb=58fm7xapqgiz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 00:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 20 Dec 2022 00:08:57 GMT
bframe
www.google.com/recaptcha/api2/ Frame A11D 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b0dd7f01c1a944083990a13fe155b004e231a7cc7052cccf5cf8e5c58fb1e418
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rHApbhhslX_loiO5OkmfRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-rHApbhhslX_loiO5OkmfRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 00:08:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame A11D 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 15:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 15:12:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame A11D 		407 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166478
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 05:24:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Dec 2023 18:52:20 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
wish.ninkbeschnonprub.tk/ Name: ch1c
Value: b

2 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/UwCKZ2n5RzE&q=EhAqAxsgAAbwEQAAAAAAAABuGJj6g50GIjDGUhK77Lj8gPqp8W_hP31vo3bAOH6xSYtpZopEnOFerqw4gU-CgCrvsrCGhjlnt2QyAXI
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://comingout.tokyo/wp-content/uploads/2020/09/0bf3fec57c36547aaab65079968545bb.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comingout.tokyo
fonts.googleapis.com
fonts.gstatic.com
image.hitosara.com
img-mdpr.freetls.fastly.net
wish.ninkbeschnonprub.tk
www.google.com
www.gstatic.com
www.youtube.com
125.63.35.54
2606:4700:3035::ac43:8c32
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a04:4e42:200::591
52.196.43.220
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
1b0c14a8bfab35029ca2ef97b852ba923a7f71972aff01a5da5ede7dacb42686
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f6db76049855d9891f9222eead65006f856c653711ce92f7fda5d0987a3c748
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
51454c21622e490724e14768b7b5c94cfc34149d819e370cb2b79acbf205a012
629b012c851f4242e4e12f5f51c9e02609423e89cafee41bc838631114ac9455
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
9a25224243e09c82aec01fdbd72842b7236db57ebe9ddfec170a5aef9519b71c
a6f4de203f564af028e35b3ed99fb94f8e987920be178fe977a02a0894a9637e
b0dd7f01c1a944083990a13fe155b004e231a7cc7052cccf5cf8e5c58fb1e418
d4d57bea07ffa9ac19d1853bafb40d3d9cbe01cc9793debe74e79bb1c9b34f4f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfe02a2d93a93c68f34213c0b1f9c16f59edc3a652167733cc9a06b3ed7fdecd
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20