yt.d0.cx Open in urlscan Pro
73.35.161.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Submission: On May 22 via manual (May 22nd 2021, 7:57:26 pm UTC) from US

Summary HTTP 64 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 19 domains to perform 64 HTTP transactions. The main IP is 73.35.161.200, located in Mercer Island, United States and belongs to COMCAST-7922, US. The main domain is yt.d0.cx.
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.

This is the only time yt.d0.cx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	73.35.161.200 73.35.161.200	7922 (COMCAST-7922) (COMCAST-7922)
1	2a04:4e42:1b:... 2a04:4e42:1b::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.187.129.45 37.187.129.45	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:400a:6::7	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400e:4d::7	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:60::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
64	22

16 73.35.161.200 (Mercer Island, United States)

ASN7922 (COMCAST-7922, US)
PTR: c-73-35-161-200.hsd1.wa.comcast.net

yt.d0.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.129.45 (France)

ASN16276 (OVH, FR)
PTR: ns316269.ip-37-187-129.eu

counter4.stat.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.86 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400a:6::7 (United States) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-nx57ynse.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:4d::7 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r2---sn-5hnekn7z.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:60::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	d0.cx yt.d0.cx	254 KB
11	ytimg.com i.ytimg.com	513 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	157 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	114 KB
3	googlevideo.com r2---sn-nx57ynse.googlevideo.com Failed r2---sn-5hnekn7z.googlevideo.com r2---sn-4g5e6ns6.googlevideo.com	3 KB
3	buysellads.net cdn4.buysellads.net	233 KB
2	google.de www.google.de adservice.google.de	272 B
2	google.com www.google.com adservice.google.com	272 B
2	googletagservices.com www.googletagservices.com	48 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yandex.ru 1 redirects mc.yandex.ru	69 KB
1	googleadservices.com partner.googleadservices.com	255 B
1	amung.us whos.amung.us	146 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	stat.ovh counter4.stat.ovh	570 B
1	waust.at waust.at	4 KB
1	ggpht.com yt3.ggpht.com	1 KB
1	zencdn.net vjs.zencdn.net	10 KB
64	19

	Domain	Requested by
16	yt.d0.cx	yt.d0.cx
11	i.ytimg.com	yt.d0.cx
5	mc.yandex.com	2 redirects yt.d0.cx
5	pagead2.googlesyndication.com	yt.d0.cx pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	cdn4.buysellads.net	yt.d0.cx
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagservices.com	cdn4.buysellads.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects yt.d0.cx
1	r2---sn-4g5e6ns6.googlevideo.com	yt.d0.cx
1	r2---sn-5hnekn7z.googlevideo.com	1 redirects
1	r2---sn-nx57ynse.googlevideo.com	yt.d0.cx
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	whos.amung.us	waust.at
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.google.de	yt.d0.cx
1	www.google.com	yt.d0.cx
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	yt.d0.cx
1	counter4.stat.ovh	yt.d0.cx
1	waust.at	yt.d0.cx
1	yt3.ggpht.com	yt.d0.cx
1	vjs.zencdn.net	yt.d0.cx
64	26

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
youtube.com
www.boxypixel.com
bit.ly
amzn.to
www.instagram.com
www.facebook.com
twitter.com
matthewmccheskey.bandcamp.com
dorper.me
forum.dorper.me
www.freecounterstat.com

Subject Issuer	Validity	Valid
dorper.me R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-04` - `2021-09-04`	a year	crt.sh
counter4.idealpes.com R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-11` - `2021-07-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Frame ID: AB5956302073939608CCC7E2BCC34482
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: E567F9D7FE3CBE8AEC0D7D54AFFF0878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7366935910744567&output=html&adk=4165189433&adf=250190938&lmt=1621713422&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422805&bpp=3&bdt=834&idt=84&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6273312928422&frm=20&pv=2&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: B4471EACC070A6B009044632F7188142
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7366935910744567&output=html&h=600&slotname=8611129712&adk=1485576906&adf=2229769918&pi=t.ma~as.8611129712&w=300&fwrn=4&fwrnh=100&lmt=1621713422&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422808&bpp=2&bdt=836&idt=101&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6273312928422&frm=20&pv=1&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=965&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eR9gDCZyDM&p=https%3A//yt.d0.cx&dtd=107
Frame ID: 4257E0B7DD609081511D2D8CBC0ACB59
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1E28095E9871C4E1380438A65EC96F97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

64
Requests

97 %
HTTPS

78 %
IPv6

19
Domains

26
Subdomains

22
IPs

7
Countries

1463 kB
Transfer

6912 kB
Size

9
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/MachoNachoProductions
Title: https://www.patreon.com/MachoNachoPro...

Search URL Search Domain Scan URL

URL: https://youtube.com/playlist?list=PLuDsAo0Gifdq1mG6ixix1uB_H7567fs1W
Title: https://youtube.com/playlist?list=PLu...

Search URL Search Domain Scan URL

URL: https://www.boxypixel.com/collections/game-boy-advance-sp/products/game-boy-advance-sp-single-piece
Title: https://www.boxypixel.com/collections...

Search URL Search Domain Scan URL

URL: https://bit.ly/39hHnz7
Title: https://bit.ly/39hHnz7

Search URL Search Domain Scan URL

URL: https://amzn.to/2E8P2X3
Title: https://amzn.to/2E8P2X3

Search URL Search Domain Scan URL

URL: https://amzn.to/2EdULeo
Title: https://amzn.to/2EdULeo

Search URL Search Domain Scan URL

URL: https://amzn.to/2FE9Mq5
Title: https://amzn.to/2FE9Mq5

Search URL Search Domain Scan URL

URL: https://amzn.to/2CnJEOt
Title: https://amzn.to/2CnJEOt

Search URL Search Domain Scan URL

URL: https://amzn.to/314rc88
Title: https://amzn.to/314rc88

Search URL Search Domain Scan URL

URL: https://amzn.to/2RvVLNS
Title: https://amzn.to/2RvVLNS

Search URL Search Domain Scan URL

URL: https://amzn.to/2RB9naO
Title: https://amzn.to/2RB9naO

Search URL Search Domain Scan URL

URL: https://amzn.to/32BYPhE
Title: https://amzn.to/32BYPhE

Search URL Search Domain Scan URL

URL: https://amzn.to/2ZLfkpZ
Title: https://amzn.to/2ZLfkpZ

Search URL Search Domain Scan URL

URL: https://amzn.to/3hQlIDB
Title: https://amzn.to/3hQlIDB

Search URL Search Domain Scan URL

URL: https://amzn.to/2YEna4A
Title: https://amzn.to/2YEna4A

Search URL Search Domain Scan URL

URL: https://amzn.to/2NDyTu5
Title: https://amzn.to/2NDyTu5

Search URL Search Domain Scan URL

URL: https://amzn.to/37ZwSS1
Title: https://amzn.to/37ZwSS1

Search URL Search Domain Scan URL

URL: https://amzn.to/3fVrouj
Title: https://amzn.to/3fVrouj

Search URL Search Domain Scan URL

URL: https://amzn.to/2Ylq6Dd
Title: https://amzn.to/2Ylq6Dd

Search URL Search Domain Scan URL

URL: https://amzn.to/2zV7VuC
Title: https://amzn.to/2zV7VuC

Search URL Search Domain Scan URL

URL: https://amzn.to/2Ni1V22
Title: https://amzn.to/2Ni1V22

Search URL Search Domain Scan URL

URL: https://amzn.to/3hQ7fb2
Title: https://amzn.to/3hQ7fb2

Search URL Search Domain Scan URL

URL: https://amzn.to/37P8rGV
Title: https://amzn.to/37P8rGV

Search URL Search Domain Scan URL

URL: https://amzn.to/2V2uaWU
Title: https://amzn.to/2V2uaWU

Search URL Search Domain Scan URL

URL: https://amzn.to/3ghlMuS
Title: https://amzn.to/3ghlMuS

Search URL Search Domain Scan URL

URL: https://amzn.to/3gdgVdV
Title: https://amzn.to/3gdgVdV

Search URL Search Domain Scan URL

URL: https://amzn.to/39FSxQa
Title: https://amzn.to/39FSxQa

Search URL Search Domain Scan URL

URL: https://amzn.to/308Zm9O
Title: https://amzn.to/308Zm9O

Search URL Search Domain Scan URL

URL: https://amzn.to/2CR5LxF
Title: https://amzn.to/2CR5LxF

Search URL Search Domain Scan URL

URL: https://amzn.to/3hPnap0
Title: https://amzn.to/3hPnap0

Search URL Search Domain Scan URL

URL: https://amzn.to/3fcq3i6
Title: https://amzn.to/3fcq3i6

Search URL Search Domain Scan URL

URL: https://www.instagram.com/machonachop
Title: https://www.instagram.com/machonachop

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MachoNachoPr
Title: https://www.facebook.com/MachoNachoPr

Search URL Search Domain Scan URL

URL: https://twitter.com/MachoNachoProd1
Title: https://twitter.com/MachoNachoProd1

Search URL Search Domain Scan URL

URL: https://matthewmccheskey.bandcamp.com/
Title: https://matthewmccheskey.bandcamp.com/

Search URL Search Domain Scan URL

URL: https://dorper.me/litetube/
Title: About

Search URL Search Domain Scan URL

URL: https://forum.dorper.me/viewforum.php?f=6
Title: Suggest Features

Search URL Search Domain Scan URL

URL: https://dorper.me/
Title: Dorper

Search URL Search Domain Scan URL

URL: https://www.freecounterstat.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.l2JjW-UOb5s-f4ZFJRTStDey4tdP6GCinlxVL1km5ocd_ZMOgePJx6jn_nzHAy6P.mQVXQUt5MEgHLiDUfbIFrvp7nfE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9281.4FOOVBNuI8f1i9sBxJbIp29ucScUfRNMbY-0CY2IYx3FGNPDNiVe3S0DvpXsuKdcBFW11Slp6On5i_H3e_lUHA%2C%2C.IK-M_0W2ORQj8H3ScaVhYO15ibU%2C

Request Chain 48

https://mc.yandex.com/watch/55927615?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A663511456049%3Ahid%3A433366493%3Az%3A120%3Ai%3A20210522215702%3Aet%3A1621713423%3Ac%3A1%3Arn%3A778872795%3Au%3A1621713423753260599%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621713415461%3Ads%3A15%2C403%2C6089%2C1%2C0%2C0%2C%2C794%2C0%2C%2C%2C%2C7305%3Adsn%3A16%2C402%2C6090%2C0%2C0%2C0%2C%2C796%2C1%2C%2C%2C%2C7305%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621713423%3At%3AGBA%20SP%20Metal%20Shell%20Without%20The%20Hinge!%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutorial%20%2B%20Review%20-%20LiteTube HTTP 302
https://mc.yandex.com/watch/55927615/1?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A663511456049%3Ahid%3A433366493%3Az%3A120%3Ai%3A20210522215702%3Aet%3A1621713423%3Ac%3A1%3Arn%3A778872795%3Au%3A1621713423753260599%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621713415461%3Ads%3A15%2C403%2C6089%2C1%2C0%2C0%2C%2C794%2C0%2C%2C%2C%2C7305%3Adsn%3A16%2C402%2C6090%2C0%2C0%2C0%2C%2C796%2C1%2C%2C%2C%2C7305%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621713423%3At%3AGBA%20SP%20Metal%20Shell%20Without%20The%20Hinge%21%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutorial%20%2B%20Review%20-%20LiteTube

Request Chain 58

https://r2---sn-nx57ynse.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&mh=n_&mm=31%2C26&mn=sn-nx57ynse%2Csn-vgqskn7e&ms=au%2Conr&mv=m&mvi=2&pl=23&initcwndbps=1936250&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&mt=1621713175&fvip=6&fexp=24001373%2C24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAO_YNR-3ECurJz2kZ-LxNEBA2lAayv9rxg6T69CaIikxAiAlsFZyVrTT6hrAUiAG9GfQ60GlpMsD2G9SHQO90yK5rQ%3D%3D&host=r2---sn-nx57ynse.googlevideo.com HTTP 302
https://r2---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&fexp=24001373,24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&host=r2---sn-nx57ynse.googlevideo.com&redirect_counter=1&rm=sn-nx5ze7l&req_id=a4a83b4fc05736e2&cms_redirect=yes&ipbypass=yes&mh=n_&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-5hnekn7z&ms=au&mt=1621712954&mv=u&mvi=2&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgXhTTqF-tsaEpuT9PziVABmOQrOzocXf5HXMQcF9CvzsCIG6PETUYAIbZRkUFbedsxp9KRWDET9PVucxfuTqZ0ZJo HTTP 302
https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&fexp=24001373,24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&host=r2---sn-nx57ynse.googlevideo.com&rm=sn-nx5ze7l&req_id=a4a83b4fc05736e2&ipbypass=yes&redirect_counter=2&cm2rm=sn-5hnels7l&cms_redirect=yes&mh=n_&mip=2a01:4f8:192:5414::2&mm=34&mn=sn-4g5e6ns6&ms=ltu&mt=1621713157&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBpxLIIR_aFKloM_vSJ8tWkLqv4z38lO8E-xPENjItpAiAEjhBPoJfhDAa_IEB5MAiIrZBG-VXjLMnpcjY3-lqsxA%3D%3D

64 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set watch.php Show response
yt.d0.cx/ 31 KB
8 KB 6508ms
6090ms Document
text/html 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2a3dfd343e557389e33e264fd4f82f8800734327458ea3cd32c2a6b0ccfd8672

Request headers

Host: yt.d0.cx
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7850
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 May 2021 19:56:55 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; path=/
Vary: Accept-Encoding

GET
H/1.1 200
OK 2012.css
yt.d0.cx/css/ 297 KB
46 KB 366ms
365ms Stylesheet
text/css 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/css/2012.css
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d55c10c40da8442d19a745033d2c35c4d6385eb0adec3b6245b398ed85312a36

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4a5a2-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 46269

GET
H2 200 video-js.min.css
vjs.zencdn.net/7.6.5/ 39 KB
10 KB 22ms
6ms Stylesheet
text/css 2a04:4e42:1b::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.6.5/video-js.min.css
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:01 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:08:10 GMT
etag: "ef822e2bcbe77ffc84c312c3b62d0ba6"
x-served-by: cache-hhn4034-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 10289
x-cache-hits: 1

GET
H/1.1 200
OK vjstube.css
yt.d0.cx/css/ 13 KB
3 KB 570ms
182ms Stylesheet
text/css 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/css/vjstube.css
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9e9ff088bd66c24c311f9a84d0889f680231eaa87be42ef38c8bb738fd15da5f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "322f-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2331

GET
H/1.1 200
OK head.js Show response
yt.d0.cx/js/ 8 KB
4 KB 577ms
183ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/head.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: df29c10b8f22e0b3516db03e53e696001359f11a61f5bcfaf18de0db46e36cbc

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "20c2-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3477

GET
H/1.1 200
OK global.js Show response
yt.d0.cx/js/ 1 KB
1 KB 597ms
182ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/global.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 81cd7bfc72d48a6322e03b1194db519426a9b4eb5506684b516131856862c7e3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4f5-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 752

GET
H/1.1 200
OK pixel.gif
yt.d0.cx/img/ 43 B
325 B 194ms
194ms Image
image/gif 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yt.d0.cx/img/pixel.gif
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Last-Modified: Wed, 03 Mar 2021 11:06:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "2b-5bc9fd72680c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43

GET
H/1.1 200
OK watch.js Show response
yt.d0.cx/js/ 2 KB
1 KB 184ms
184ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/watch.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c39cfcfef753265bba757c78bd8578de0a6e6f5399dc3fd55bbb3eddfafdc4fb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7f5-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 710

GET
H2 200 AAUvwnjyyxPI8wRupp97CZvch4lLRtHyHM_hFre_yUHq=s32-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ 1 KB
1 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjyyxPI8wRupp97CZvch4lLRtHyHM_hFre_yUHq=s32-c-k-c0x00ffffff-no-rj

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

351ad5df4587cf86c22a3e75604010b08e996165e3f563dbdea7a655fa1772f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 17:26:58 GMT
x-content-type-options: nosniff
age: 9004
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1295
x-xss-protection: 0
server: fife
etag: "v3e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 14 May 2021 05:25:33 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/MjvtZTvXXLM/ 55 KB
55 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/MjvtZTvXXLM/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc954d5afd59cb3aac74ac127e51b5a14bb055c875f66924e04399bc651a2d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1614816568"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56160
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/mDwLAV4Ny74/ 42 KB
42 KB 20ms
17ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/mDwLAV4Ny74/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

453068745c8733e974df642d9bb1b204c85b61a8cb76296d6b0b16a1740a09d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1603726807"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43386
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/wvBEZ9-BjCU/ 41 KB
41 KB 88ms
86ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/wvBEZ9-BjCU/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dffbb1f44a9a4df806d373706e713c9867f356458297cb49eab88df483300e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1610082758"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41740
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/15XNZXwjMNs/ 37 KB
37 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/15XNZXwjMNs/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58f6adec861386484f8a88358677376ec055c8c3f9a9bc2927d019cadbc5dc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1601055033"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38101
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/Y8N6Eosllmw/ 42 KB
42 KB 26ms
24ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/Y8N6Eosllmw/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47200f9df2a671bbe7417afdb75982c66ae5cdda9e5ff59d89c0a2e081342571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1621030397"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com//vi/aZPILE1itAE/ 31 KB
32 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/aZPILE1itAE/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5be0e7e1314bc367ebf72b4cea8da2aba62c6f26a2d7ff0f71d65ce4bec6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1614258802"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32243
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H3-29 200 sddefault.jpg
i.ytimg.com//vi/HJrC-gNECXw/ 50 KB
50 KB 70ms
55ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/HJrC-gNECXw/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd31adb70fc94b3467d48f0be8ba8a29f25e046bd47c4c56c355cc9a14f5a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1579422716"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51674
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H3-29 200 sddefault.jpg
i.ytimg.com//vi/JJerxCkSEEs/ 60 KB
60 KB 36ms
21ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/JJerxCkSEEs/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59d57c90ffdd0192cfab1f63664df9c1d550c0a76f7f875353885251f9fa9c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1613857986"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61829
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H3-29 200 sddefault.jpg
i.ytimg.com//vi/W3wUpKGbJ_I/ 45 KB
45 KB 31ms
16ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/W3wUpKGbJ_I/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aabeff934a4206a4b643bef3b74121008ec59515448df2f4526fd02c45e749ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1621519838"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45826
x-xss-protection: 0
expires: Sat, 22 May 2021 20:02:02 GMT

GET
H3-29 200 sddefault.jpg
i.ytimg.com//vi/Weot_dSRrn8/ 58 KB
58 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/Weot_dSRrn8/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

247ccff3f58e701913d20754a74a4e3e4f259a0bf87f573f621a2531924867ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1555888883"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59617
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H3-29 200 sddefault.jpg
i.ytimg.com//vi/avzL3WKKaVs/ 50 KB
50 KB 41ms
26ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com//vi/avzL3WKKaVs/sddefault.jpg

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01aa207d8ab44b8ef8ac3399450b717715b90dbeb4907961d8ad1454a3275ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: sffe
etag: "1614297092"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51446
x-xss-protection: 0
expires: Sat, 22 May 2021 21:57:02 GMT

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 54ms
22ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3249
cf-request-id: 0a3740211400001456a49aa000000001
last-modified: Mon, 03 May 2021 17:48:53 GMT
server: cloudflare
etag: W/"60903785-1ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=euX0COu%2BtsRFlGH%2BR6j93eR5dBqgm0C49srYfiVD4AQJ7ZKL661UYivszUhGl40COynlrqs%2BAs2M0AEiI96Iucr5CTIlMY7yeTD8u%2B1Q9PIt9YwVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 65389c7b59cd1456-FRA
expires: Sun, 23 May 2021 19:02:53 GMT

GET
H/1.1 200
OK freecounterstat.php
counter4.stat.ovh/private/ 353 B
570 B 194ms
115ms Image
image/png 37.187.129.45
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter4.stat.ovh/private/freecounterstat.php?c=2p7q8ztrb47w8xyk48bakju178zjckkn
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.129.45 , France, ASN16276 (OVH, FR),
Reverse DNS: ns316269.ip-37-187-129.eu
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / PHP/5.4.16
Resource Hash: 32fe0975a901983f1d55308d36f19e75a6acf973066fce4ef6f224620b843203

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Connection: close
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111265614-2

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4bbec660a9e8c0c8970949fad78a929b80c4dbd621271360ace1d352f05e4928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35698
x-xss-protection: 0
last-modified: Sat, 22 May 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
68 KB 145ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/js/global.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: br
last-modified: Thu, 20 May 2021 19:10:33 GMT
etag: "609e8948-11068"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69736
expires: Sat, 22 May 2021 20:57:02 GMT

GET
H/1.1 200
OK cookie.js Show response
yt.d0.cx/js/ 1 KB
1 KB 181ms
181ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/cookie.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d208e9793e1ba23928419442ad12a47bbab72b5b5ed64cf59ec9a2bd2fa8c658

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5c5-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 759

GET
H2 200 ytd0cx.js Show response
cdn4.buysellads.net/pub/ 719 KB
233 KB 47ms
13ms Script
application/javascript 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/ytd0cx.js?1621713000000
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 92d3aa7792d28ba45da14f716190770c5843bb98aea3a97c21f7889b262b7d80

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
last-modified: Sat, 22 May 2021 19:48:11 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 4JBQRSXTB4TSTAMB
etag: W/"4fe4f3032e5896d6c1e2c6cc5f21b380"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: V4PISsioPQxa6vgpbiRUhlg05mmNTHQ+E0mt+MjYSNJU13H50rAQmZvEpDHGlxYjqaiZRRn+fBY=
expires: Tue, 17 May 2022 19:57:02 GMT

GET
H/1.1 200
OK sheet.png
yt.d0.cx/img/ 45 KB
45 KB 181ms
181ms Image
image/png 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yt.d0.cx/img/sheet.png
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/css/2012.css
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: db4b9b8b2b7835cbd5208e7ebfce7911d4a608e2560b0187c384dc284a7caf0d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://yt.d0.cx/css/2012.css
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput
Connection: keep-alive
Referer: https://yt.d0.cx/css/2012.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Last-Modified: Wed, 03 Mar 2021 11:06:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "b35b-5bc9fd72680c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 45915

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111265614-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5410
date: Sat, 22 May 2021 18:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 22 May 2021 20:26:52 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=486035312&t=pageview&_s=1&dl=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&ul=en-us&de=UTF-8&dt=GBA%20SP%20Metal%20Shell%20Without%20The%20Hinge!%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutorial%20%2B%20Review%20-%20LiteTube&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1491160195&gjid=231939219&cid=795395444.1621713423&tid=UA-111265614-2&_gid=199123202.1621713423&_r=1&gtm=2ou5c1&z=537972536

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://yt.d0.cx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 35ms
34ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-111265614-2&cid=795395444.1621713423&jid=1491160195&gjid=231939219&_gid=199123202.1621713423&_u=YEBAAUAAAAAAAC~&z=1114870062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 22 May 2021 19:57:02 GMT
content-type: text/plain
access-control-allow-origin: https://yt.d0.cx
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/ytd0cx.js?1621713000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10387f0414c11fdfa08d42eafd4d6898bbac48731d7199d0f0b1890a2fcea432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "880 / 562 of 1000 / last-modified: 1621635003"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21322
x-xss-protection: 0
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
367 B 202ms
201ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=2.77291450720899
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 072E0FWY8NTBHAPE
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: vznZGqqd5akZ6Rxu7nvCmfu+0utBZhC2E8EDST4xin52r0zjrhwQ5cHqMQ6X4Nx/K61JRI8RKik=
expires: Tue, 17 May 2022 19:57:02 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
366 B 194ms
194ms Image
image/gif 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=2.77291450720899
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 0726TN5GWTB1PAGR
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: K8888SjQe7ORpFDD3C4FG/ppbSqVoxiEIB6Zssc9W6V1RF4RpW2cTWkmyfQVzWxY3TuoNycR48Y=
expires: Tue, 17 May 2022 19:57:02 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111265614-2&cid=795395444.1621713423&jid=1491160195&_u=YEBAAUAAAAAAAC~&z=924242417

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111265614-2&cid=795395444.1621713423&jid=1491160195&_u=YEBAAUAAAAAAAC~&z=924242417

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vjs.js Show response
yt.d0.cx/js/ 469 KB
130 KB 199ms
198ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/vjs.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 51539e357068db8a1ad6ebdf60b171aee88ebef6e1f060cf0decfb0bcd749d4a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "75489-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2 200 pubads_impl_2021051801.js Show response
securepubads.g.doubleclick.net/gpt/ 308 KB
109 KB 74ms
27ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051801.js?31061259

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 08:37:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7366935910744567&plah=yt.d0.cx&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame E567 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yt.d0.cx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://yt.d0.cx/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 22 May 2021 01:00:52 GMT
expires: Sat, 05 Jun 2021 01:00:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 68170
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
146 B 315ms
107ms Script
text/javascript 67.202.94.86
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=5v1chan2qb&t=GBA%20SP%20Metal%20Shell%20Without%20The%20Hinge!%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutoria&c=s&x=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&y=&a=0&d=7.305&v=27&r=395
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 76ff020dfb1057e6c49576b17e91bcc28bbf1c5f97c9acb467947050413f5431

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:03 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.l2JjW-UOb5s-f4ZFJRTStDey4tdP6GCinlxVL1km5ocd_ZMOgePJx6jn_nzHAy6P.mQVXQUt5MEgHLiDUfbIFrvp7nfE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9281.4FOOVBNuI8f1i9sBxJbIp29ucScUfRNMbY-0CY2IYx3FGNPDNiVe3S0DvpXsuKdcBFW11Slp6On5i_H3e_lUHA%2C%2C.IK-M_0W2ORQj8H3ScaVhYO15ibU%2C

75 B
75 B

51ms
51ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9281.4FOOVBNuI8f1i9sBxJbIp29ucScUfRNMbY-0CY2IYx3FGNPDNiVe3S0DvpXsuKdcBFW11Slp6On5i_H3e_lUHA%2C%2C.IK-M_0W2ORQj8H3ScaVhYO15ibU%2C

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:03 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9281.4FOOVBNuI8f1i9sBxJbIp29ucScUfRNMbY-0CY2IYx3FGNPDNiVe3S0DvpXsuKdcBFW11Slp6On5i_H3e_lUHA%2C%2C.IK-M_0W2ORQj8H3ScaVhYO15ibU%2C
date: Sat, 22 May 2021 19:57:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
last-modified: Thu, 20 May 2021 19:10:33 GMT
etag: "609e8948-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 22 May 2021 20:57:02 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 195 B
255 B 27ms
27ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=yt.d0.cx&callback=_gfp_s_&client=ca-pub-7366935910744567

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7366935910744567&plah=yt.d0.cx&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e52eaea630d70ff263c5a30d92ecdbd4ce014d34b567fd881220384155b97fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yt.d0.cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yt.d0.cx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B447 0
19 B 112ms
111ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7366935910744567&output=html&adk=4165189433&adf=250190938&lmt=1621713422&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422805&bpp=3&bdt=834&idt=84&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6273312928422&frm=20&pv=2&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7366935910744567&output=html&adk=4165189433&adf=250190938&lmt=1621713422&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422805&bpp=3&bdt=834&idt=84&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6273312928422&frm=20&pv=2&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yt.d0.cx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://yt.d0.cx/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 22 May 2021 19:57:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-May-2021 20:12:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 May 2021 19:57:03 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621597303326658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Sat, 22 May 2021 19:57:02 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4257 405 B
229 B 167ms
166ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7366935910744567&output=html&h=600&slotname=8611129712&adk=1485576906&adf=2229769918&pi=t.ma~as.8611129712&w=300&fwrn=4&fwrnh=100&lmt=1621713422&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422808&bpp=2&bdt=836&idt=101&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6273312928422&frm=20&pv=1&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=965&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eR9gDCZyDM&p=https%3A//yt.d0.cx&dtd=107

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abed4b208db67292b13eca5cd2409709c8fcb213e81013b24a66927bd43b1a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7366935910744567&output=html&h=600&slotname=8611129712&adk=1485576906&adf=2229769918&pi=t.ma~as.8611129712&w=300&fwrn=4&fwrnh=100&lmt=1621713422&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621713422808&bpp=2&bdt=836&idt=101&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6273312928422&frm=20&pv=1&ga_vid=795395444.1621713423&ga_sid=1621713423&ga_hid=486035312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=965&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060710%2C31060839&oid=3&pvsid=2204690759307021&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=eR9gDCZyDM&p=https%3A//yt.d0.cx&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yt.d0.cx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://yt.d0.cx/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 22 May 2021 19:57:03 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 22-May-2021 20:12:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 22 May 2021 19:57:03 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/55927615/
Redirect Chain

https://mc.yandex.com/watch/55927615?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3A0...
https://mc.yandex.com/watch/55927615/1?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3...

203 B
284 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55927615/1?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A663511456049%3Ahid%3A433366493%3Az%3A120%3Ai%3A20210522215702%3Aet%3A1621713423%3Ac%3A1%3Arn%3A778872795%3Au%3A1621713423753260599%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621713415461%3Ads%3A15%2C403%2C6089%2C1%2C0%2C0%2C%2C794%2C0%2C%2C%2C%2C7305%3Adsn%3A16%2C402%2C6090%2C0%2C0%2C0%2C%2C796%2C1%2C%2C%2C%2C7305%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621713423%3At%3AGBA%20SP%20Metal%20Shell%20Without%20The%20Hinge%21%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutorial%20%2B%20Review%20-%20LiteTube

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3324924c6db74eee233591372372b06fe36d0882763335329fbf768a0b7e3b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 22-May-2021 19:57:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yt.d0.cx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Sat, 22-May-2021 19:57:03 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:03 GMT
last-modified: Sat, 22-May-2021 19:57:03 GMT
location: /watch/55927615/1?wmode=7&page-url=https%3A%2F%2Fyt.d0.cx%2Fwatch.php%3Fv%3Dn3sJBIPn-wo&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A7130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A663511456049%3Ahid%3A433366493%3Az%3A120%3Ai%3A20210522215702%3Aet%3A1621713423%3Ac%3A1%3Arn%3A778872795%3Au%3A1621713423753260599%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621713415461%3Ads%3A15%2C403%2C6089%2C1%2C0%2C0%2C%2C794%2C0%2C%2C%2C%2C7305%3Adsn%3A16%2C402%2C6090%2C0%2C0%2C0%2C%2C796%2C1%2C%2C%2C%2C7305%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621713423%3At%3AGBA%20SP%20Metal%20Shell%20Without%20The%20Hinge%21%20%7C%20Boxy%20Pixel%20Unhinged%20SP%20%7C%20Install%20Tutorial%20%2B%20Review%20-%20LiteTube
strict-transport-security: max-age=31536000
access-control-allow-origin: https://yt.d0.cx
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 22-May-2021 19:57:03 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vjsplaylist.js Show response
yt.d0.cx/js/ 5 KB
2 KB 187ms
186ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/vjsplaylist.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: bf1280d6eca9806fd1f99501282b74cb02e1e6a11f938eb38fdc101f4bb060d6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1464-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1869

GET
H/1.1 200
OK vjsseek.js Show response
yt.d0.cx/js/ 2 KB
1 KB 181ms
180ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/vjsseek.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4b2d365460e547d870287d69cb5c3d05445a88d22c9e8f363720d095e8776e12

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "77f-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 794

GET
H/1.1 200
OK vjssrc.js Show response
yt.d0.cx/js/ 21 KB
7 KB 187ms
186ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/vjssrc.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5329-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7318

GET
H/1.1 200
OK vjsdl.js Show response
yt.d0.cx/js/ 3 KB
2 KB 180ms
180ms Script
application/javascript 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/js/vjsdl.js
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/head.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 46d4f3b601e58ee98ee028ffa541a0e362ff9c481f93b8e0138023619fad09c4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2021 11:06:15 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "c0e-5bc9fd6e977c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1371

GET
BLOB 200
OK d0370246-8505-4ca0-bf6e-a226c67d3e7a
https://yt.d0.cx/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://yt.d0.cx/d0370246-8505-4ca0-bf6e-a226c67d3e7a
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 404
Not Found sddefault.jpg
yt.d0.cx/vi/n3sJBIPn-wo/ 270 B
270 B 180ms
180ms Image
text/html 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yt.d0.cx/vi/n3sJBIPn-wo/sddefault.jpg
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ae67c699e5564f5463a75775797b473c495b8e8331a55a4bd1274d7f06290697

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:04 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 270
Content-Type: text/html; charset=iso-8859-1

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://yt.d0.cx
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET videoplayback
r2---sn-nx57ynse.googlevideo.com/ 0
0

GET
H/1.1

206
Partial Content

videoplayback
r2---sn-4g5e6ns6.googlevideo.com/
Redirect Chain

https://r2---sn-nx57ynse.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requires...
https://r2---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requires...
https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requires...

3 MB
0

70ms
56ms

Media
video/mp4

2a00:1450:4001:60::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&fexp=24001373,24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&host=r2---sn-nx57ynse.googlevideo.com&rm=sn-nx5ze7l&req_id=a4a83b4fc05736e2&ipbypass=yes&redirect_counter=2&cm2rm=sn-5hnels7l&cms_redirect=yes&mh=n_&mip=2a01:4f8:192:5414::2&mm=34&mn=sn-4g5e6ns6&ms=ltu&mt=1621713157&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBpxLIIR_aFKloM_vSJ8tWkLqv4z38lO8E-xPENjItpAiAEjhBPoJfhDAa_IEB5MAiIrZBG-VXjLMnpcjY3-lqsxA%3D%3D

Requested by

Host: yt.d0.cx
URL: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:60::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Feb 2021 07:53:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-52366299/52366300
Cache-Control: private, max-age=21293
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 52366300
Expires: Sat, 22 May 2021 19:57:04 GMT

Redirect headers

Date: Sat, 22 May 2021 19:57:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r2---sn-4g5e6ns6.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&fexp=24001373,24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&host=r2---sn-nx57ynse.googlevideo.com&rm=sn-nx5ze7l&req_id=a4a83b4fc05736e2&ipbypass=yes&redirect_counter=2&cm2rm=sn-5hnels7l&cms_redirect=yes&mh=n_&mip=2a01:4f8:192:5414::2&mm=34&mn=sn-4g5e6ns6&ms=ltu&mt=1621713157&mv=m&mvi=2&pl=50&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMBpxLIIR_aFKloM_vSJ8tWkLqv4z38lO8E-xPENjItpAiAEjhBPoJfhDAa_IEB5MAiIrZBG-VXjLMnpcjY3-lqsxA%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Sat, 22 May 2021 19:57:04 GMT

GET
H/1.1 200
OK captions.php Show response
yt.d0.cx/ 3 KB
3 KB 1727ms
1727ms XHR
text/vtt 73.35.161.200
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL: https://yt.d0.cx/captions.php?v=n3sJBIPn-wo&l=English%20(auto-generated)
Requested by: Host: yt.d0.cx
URL: https://yt.d0.cx/js/vjs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 73.35.161.200 Mercer Island, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS: c-73-35-161-200.hsd1.wa.comcast.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d99b0b512d24c3114d6eb294ca1c43231c215ea9ccb8caef1d88836ef0090022

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: yt.d0.cx
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
Cookie: PHPSESSID=ehfhrt0n3oejqcr1bdkqkgcput; _ga=GA1.2.795395444.1621713423; _gid=GA1.2.199123202.1621713423; _gat_gtag_UA_111265614_2=1; _ym_uid=1621713423753260599; _ym_d=1621713423; _ym_isad=2; __gads=ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
Connection: keep-alive
Referer: https://yt.d0.cx/watch.php?v=n3sJBIPn-wo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 22 May 2021 19:57:04 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 2617
Content-Type: text/vtt; charset=UTF-8

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 43ms
42ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

135db392a3e0b9f8cbc447235f845484a71198ffdc6d229840c4ee4dd8417ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 22 May 2021 19:57:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7608
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 19:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 22 May 2021 19:57:05 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1E28 12 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yt.d0.cx/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://yt.d0.cx/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 22 May 2021 17:51:01 GMT
expires: Sun, 22 May 2022 17:51:01 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7564
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E28 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 12:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 25401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5773
x-xss-protection: 0
expires: Sun, 22 May 2022 12:53:44 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2204690759307021&bg=!-_il-LzNAAZ7hX_Ue4U7ACkAdvg8WqkF8ocVPRtINsV-73EPmm2j-byAq-LJl13pisrWaxdr8hCsSgIAAABwUgAAAA1oAQeZAjOFqz7U7fY2xmqwe62zq3L3nbiVms6WZplcK4FnaATm9pn774xai5JUOvIGs3m127msp1BT0O4lSVxLvKKCkDssqlyyfh3xjUxHLzmIyMMmfwbYOVBzAeU-kx-0s6Ekd8Su-t5fOt_TxLErKFDXytmPMsJ-Fs0kb1_litMIFVKK8Pv0wpDeePHQC1FJl7yCWEeE-brSTYtJ_m9VH0yRjSkYonMPDo3NhkW3hwXaSJ9FMEf7geXXt9PKs7zxjOXZEZ7IxV2C6mPk7GXnDZMAQj9pRcmZrQ8_yk03YRqYl0euJixJwjUsBEPGiVkpycigJ7F6inp0KDHnjpCGuHeLL_aC7Q6_ucd26rRSIcTMHQ-4_osqdY51PwEUr7PHzKHmNjQLR42fODqDWfw_VdOL660MG5NadRs3egdtSXyY1z1dW7yqPGGosfYplEt0Ke7qDN60njoCBYBuaoamMODgQ6DPcIAbzK95sIzjkejnqwhkUcLHpilCDEQKjIv77JJ3neBVYx1Q6frac3jWKxV1n0wVZF0MJB_ADS6bxUCkAl9NcrGu5HC_5z0ewSSQaqDLtGz-gnR7X8wU58LkCbZEsDE3NNXtTwjnTNTBENyyGKza9WnpYI9iqZn9CJvQvf-qwtCz6AHihgdG1pKp2MfgN6qwnwbdIhBfeU7eP3CXYoO8qVFwXT4dZlQGYwU2kmQl1Z2nEYdamdWanoIWCY9LBq91g1WF18JA1V9cLpws6OsL4XJLIg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yt.d0.cx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 May 2021 19:57:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r2---sn-nx57ynse.googlevideo.com
URL: https://r2---sn-nx57ynse.googlevideo.com/videoplayback?expire=1621735017&ei=CWKpYIC-KMH6kgbwqojYBQ&ip=73.35.161.200&id=o-AIHLobDX78expwWDqbk06asD5ZQuVMgJiGIeH59TH4fH&itag=18&source=youtube&requiressl=yes&mh=n_&mm=31%2C26&mn=sn-nx57ynse%2Csn-vgqskn7e&ms=au%2Conr&mv=m&mvi=2&pl=23&initcwndbps=1936250&vprv=1&mime=video%2Fmp4&ns=nUcxQEm8OlQ7X2HnYrLObXoF&gir=yes&clen=52366300&ratebypass=yes&dur=965.973&lmt=1613721231019053&mt=1621713175&fvip=6&fexp=24001373%2C24007246&c=WEB&txp=5530422&n=13_uON6o_rWDPU77&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cratebypass%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOxmWLYBalm5duOUITINuRRYVAwsZars5fAjcHrmWzPqAiEAtszDEleens8HkFJnApDbtECIDDMIKrbia_IqEsAkHTQ%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAO_YNR-3ECurJz2kZ-LxNEBA2lAayv9rxg6T69CaIikxAiAlsFZyVrTT6hrAUiAG9GfQ60GlpMsD2G9SHQO90yK5rQ%3D%3D&host=r2---sn-nx57ynse.googlevideo.com

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.d0.cx/	1970-01-20 03:50:09	Name: __gads Value: ID=0ce78651f87082ae-2271775648c800c6:T=1621713422:RT=1621713422:S=ALNI_Mamj4uhG-rxwYk9aw7kua3avHB1JA
.d0.cx/	1970-01-19 18:29:45	Name: _ym_isad Value: 2
.d0.cx/	1970-01-20 03:14:09	Name: _ym_d Value: 1621713423
.doubleclick.net/	1970-01-19 18:28:34	Name: test_cookie Value: CheckForPermission
.d0.cx/	1970-01-20 03:14:09	Name: _ym_uid Value: 1621713423753260599
yt.d0.cx/	1969-12-31 23:59:59	Name: PHPSESSID Value: ehfhrt0n3oejqcr1bdkqkgcput
.d0.cx/	1970-01-19 18:29:59	Name: _gid Value: GA1.2.199123202.1621713423
.d0.cx/	1970-01-20 11:59:45	Name: _ga Value: GA1.2.795395444.1621713423
.d0.cx/	1970-01-19 18:28:33	Name: _gat_gtag_UA_111265614_2 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://yt.d0.cx/js/vjs.js(Line 12) Message: Text Track parsing errors for /captions.php?v=n3sJBIPn-wo&l=English (auto-generated)
console-api	error	URL: https://yt.d0.cx/js/vjs.js(Line 12) Message: VIDEOJS: ERROR: [object Object]
console-api	log	URL: https://yt.d0.cx/js/vjs.js(Line 12) Message: console.groupEnd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn4.buysellads.net
counter4.stat.ovh
googleads.g.doubleclick.net
i.ytimg.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5e6ns6.googlevideo.com
r2---sn-5hnekn7z.googlevideo.com
r2---sn-nx57ynse.googlevideo.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vjs.zencdn.net
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
yt.d0.cx
yt3.ggpht.com
r2---sn-nx57ynse.googlevideo.com
172.217.23.98
2606:4700:20::ac43:4739
2607:f8b0:400a:6::7
2a00:1450:4001:60::7
2a00:1450:4001:803::2001
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2016
2a00:1450:400c:c04::9c
2a00:1450:400e:4d::7
2a02:6b8::1:119
2a04:4e42:1b::729
37.187.129.45
67.202.94.86
73.35.161.200
94.31.29.32
0298a25db873588e37945ece2b90e9f573dda86bfc84ae9f3efb8c3fbdcbce84
10387f0414c11fdfa08d42eafd4d6898bbac48731d7199d0f0b1890a2fcea432
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
135db392a3e0b9f8cbc447235f845484a71198ffdc6d229840c4ee4dd8417ecd
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
247ccff3f58e701913d20754a74a4e3e4f259a0bf87f573f621a2531924867ff
2a3dfd343e557389e33e264fd4f82f8800734327458ea3cd32c2a6b0ccfd8672
2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
32fe0975a901983f1d55308d36f19e75a6acf973066fce4ef6f224620b843203
3324924c6db74eee233591372372b06fe36d0882763335329fbf768a0b7e3b57
351ad5df4587cf86c22a3e75604010b08e996165e3f563dbdea7a655fa1772f8
453068745c8733e974df642d9bb1b204c85b61a8cb76296d6b0b16a1740a09d1
46d4f3b601e58ee98ee028ffa541a0e362ff9c481f93b8e0138023619fad09c4
47200f9df2a671bbe7417afdb75982c66ae5cdda9e5ff59d89c0a2e081342571
4b2d365460e547d870287d69cb5c3d05445a88d22c9e8f363720d095e8776e12
4bbec660a9e8c0c8970949fad78a929b80c4dbd621271360ace1d352f05e4928
4df2fd5c8b3681147087fa7506cef9c982c18edf99729a4412e41af2f98fe0b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd31adb70fc94b3467d48f0be8ba8a29f25e046bd47c4c56c355cc9a14f5a8b
51539e357068db8a1ad6ebdf60b171aee88ebef6e1f060cf0decfb0bcd749d4a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f6adec861386484f8a88358677376ec055c8c3f9a9bc2927d019cadbc5dc87
59d57c90ffdd0192cfab1f63664df9c1d550c0a76f7f875353885251f9fa9c70
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
76ff020dfb1057e6c49576b17e91bcc28bbf1c5f97c9acb467947050413f5431
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77e7ad71599b73f06bcaea11c25e128d50c80f6e7fb0cc10f317779fc285d954
81cd7bfc72d48a6322e03b1194db519426a9b4eb5506684b516131856862c7e3
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
92d3aa7792d28ba45da14f716190770c5843bb98aea3a97c21f7889b262b7d80
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
9e9ff088bd66c24c311f9a84d0889f680231eaa87be42ef38c8bb738fd15da5f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aabeff934a4206a4b643bef3b74121008ec59515448df2f4526fd02c45e749ec
abed4b208db67292b13eca5cd2409709c8fcb213e81013b24a66927bd43b1a92
ac5be0e7e1314bc367ebf72b4cea8da2aba62c6f26a2d7ff0f71d65ce4bec6ff
ae67c699e5564f5463a75775797b473c495b8e8331a55a4bd1274d7f06290697
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
bf1280d6eca9806fd1f99501282b74cb02e1e6a11f938eb38fdc101f4bb060d6
c01aa207d8ab44b8ef8ac3399450b717715b90dbeb4907961d8ad1454a3275ce
c39cfcfef753265bba757c78bd8578de0a6e6f5399dc3fd55bbb3eddfafdc4fb
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
d208e9793e1ba23928419442ad12a47bbab72b5b5ed64cf59ec9a2bd2fa8c658
d55c10c40da8442d19a745033d2c35c4d6385eb0adec3b6245b398ed85312a36
d99b0b512d24c3114d6eb294ca1c43231c215ea9ccb8caef1d88836ef0090022
db4b9b8b2b7835cbd5208e7ebfce7911d4a608e2560b0187c384dc284a7caf0d
dc954d5afd59cb3aac74ac127e51b5a14bb055c875f66924e04399bc651a2d5f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df29c10b8f22e0b3516db03e53e696001359f11a61f5bcfaf18de0db46e36cbc
dffbb1f44a9a4df806d373706e713c9867f356458297cb49eab88df483300e6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52eaea630d70ff263c5a30d92ecdbd4ce014d34b567fd881220384155b97fcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

yt.d0.cx Open in urlscan Pro 73.35.161.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

78 %IPv6

19 Domains

26 Subdomains

22 IPs

7 Countries

1463 kBTransfer

6912 kBSize

9 Cookies

39 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yt.d0.cx Open in urlscan Pro
73.35.161.200 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

78 %
IPv6

19
Domains

26
Subdomains

22
IPs

7
Countries

1463 kB
Transfer

6912 kB
Size

9
Cookies

64 HTTP transactions
2 data transactions