it.sandsonlihosp.tk Open in urlscan Pro
172.67.141.206 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://it.sandsonlihosp.tk/
Submission: On May 25 via api (May 25th 2023, 2:55:42 pm UTC) from US — Scanned from US

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 35 HTTP transactions. The main IP is 172.67.141.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is it.sandsonlihosp.tk.
TLS certificate: Issued by E1 on May 24th 2023. Valid for: 3 months.

This is the only time it.sandsonlihosp.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.141.206 172.67.141.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:806::200a	15169 (GOOGLE) (GOOGLE)
1	2620:0:861:ed... 2620:0:861:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a04:4e42:46:... 2a04:4e42:46::159	54113 (FASTLY) (FASTLY)
2 3	2a02:26f0:9b0... 2a02:26f0:9b00:48b::2d63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	13.35.93.107 13.35.93.107	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81d::2002	() ()
1	2607:f8b0:400... 2607:f8b0:4006:820::2006	() ()
4	2607:f8b0:400... 2607:f8b0:4006:809::200a	() ()
1	2607:f8b0:400... 2607:f8b0:4006:820::200e	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80e::2016	() ()
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	() ()
1	2607:f8b0:400... 2607:f8b0:4006:807::2004	() ()
35	18

1 172.67.141.206 (United States)

ASN13335 (CLOUDFLARENET, US)

it.sandsonlihosp.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:806::200a (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:861:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:46::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:9b00:48b::2d63 (Dublin, Ireland) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

m.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80d::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-107.jfk50.r.cloudfront.net

mybayutcdn.bayut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2002 (None, ) 1 redirects

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2006 (None, )

ASN- ()

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::200a (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200e (None, )

ASN- ()

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2016 (None, )

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:807::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	973 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	79 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 jnn-pa.googleapis.com	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	dw.com 2 redirects m.dw.com — Cisco Umbrella Rank: 280927 www.dw.com — Cisco Umbrella Rank: 52328 static.dw.com — Cisco Umbrella Rank: 65122	37 KB
1	google.com www.google.com	15 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	ytimg.com i.ytimg.com	24 KB
1	googlevideo.com redirector.googlevideo.com	878 B
1	bayut.com mybayutcdn.bayut.com	14 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 8049	37 KB
1	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 14109	23 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 836	99 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2468	131 KB
1	sandsonlihosp.tk it.sandsonlihosp.tk	19 KB
35	15

	Domain	Requested by
11	www.youtube.com	it.sandsonlihosp.tk www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.google.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	redirector.googlevideo.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	mybayutcdn.bayut.com	it.sandsonlihosp.tk
1	i2.wp.com	it.sandsonlihosp.tk
1	2.bp.blogspot.com	it.sandsonlihosp.tk
1	static.dw.com	it.sandsonlihosp.tk
1	www.dw.com	1 redirects
1	m.dw.com	1 redirects
1	pbs.twimg.com	it.sandsonlihosp.tk
1	upload.wikimedia.org	it.sandsonlihosp.tk
1	fonts.googleapis.com	it.sandsonlihosp.tk
1	it.sandsonlihosp.tk
35	20

This site contains no links.

Subject Issuer	Validity	Valid
sandsonlihosp.tk E1	`2023-05-24` - `2023-08-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.wikipedia.org R3	`2023-04-24` - `2023-07-23`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
bayut.com Amazon RSA 2048 M01	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://it.sandsonlihosp.tk/
Frame ID: F4681CEB1C77E6F371D1C7E4F10FF695
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/L2Hhn6LO1rk
Frame ID: A243296B1D238FD71F14985E8C877F0E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

إمارة أبوظبي

Page Statistics

35
Requests

94 %
HTTPS

82 %
IPv6

15
Domains

20
Subdomains

18
IPs

2
Countries

1488 kB
Transfer

3943 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://m.dw.com/image/47345089_401.jpg HTTP 302
https://www.dw.com/image/47345089_401.jpg HTTP 301
https://static.dw.com/image/47345089_401.jpg

Request Chain 16

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
it.sandsonlihosp.tk/ 58 KB
19 KB 1103ms
210ms Document
text/html 172.67.141.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://it.sandsonlihosp.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fdd45348069946ac704831160848b012cdaf3b14a37978bfd90c75b4e28cea6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cce9e1049723367-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 May 2023 14:55:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS5E1sayO%2BfQbbNBOJ1aILsLHjHG0ow7KOVszx9sB5pCcFZNQyG6AKvuXAy6plnOhL9zo4K48%2Fn0tB0GOTexy5PeCjeELFnCdFZDbyJATBVUnJNwNNkN5LM5496Db4lLXezJSPuu"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 820ms
70ms Stylesheet
text/css 2607:f8b0:4006:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200a Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 14:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 May 2023 14:46:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 May 2023 14:55:07 GMT

GET
H2 200 Jabal_hafeet_shahin.jpg
upload.wikimedia.org/wikipedia/commons/5/55/ 130 KB
131 KB 288ms
123ms Image
image/jpeg 2620:0:861:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/5/55/Jabal_hafeet_shahin.jpg

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:861:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

bc54b81744fa92498bfec49bce4600de5069f2e1d5b9f17c719f7c0236102cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 12:40:23 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 8083
x-cache-status: hit-local
x-cache: cp1080 hit, cp1076 miss
server-timing: cache;desc="hit-local", host;desc="cp1076"
content-length: 132987
x-client-ip: 2001:550:1d05:1::3
x-object-meta-sha1base36: 1gw202k5s5gn1bckfeedyj9sbiwzrud
last-modified: Sat, 05 Oct 2013 07:34:36 GMT
server: ATS/9.1.4
etag: 1958f46829628764efbf6b4ee7e93d9d
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Dj1JmlGXsAE507U.jpg
pbs.twimg.com/media/ 98 KB
99 KB 1318ms
572ms Image
image/jpeg 2a04:4e42:46::159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dj1JmlGXsAE507U.jpg

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:46::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f9e61785b96c8af81520d6c3b97fa5996d19978d3f1593b510b4257093802e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
date: Thu, 25 May 2023 14:55:07 GMT
x-content-type-options: nosniff
x-cache: MISS, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 100406
x-served-by: cache-fty21345-FTY, cache-lga21935-LGA, cache-tw-ZZZ1
last-modified: Sun, 05 Aug 2018 10:45:58 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ebd8d3660d73de7d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2

200

47345089_401.jpg
static.dw.com/image/
Redirect Chain

https://m.dw.com/image/47345089_401.jpg
https://www.dw.com/image/47345089_401.jpg
https://static.dw.com/image/47345089_401.jpg

37 KB
37 KB

687ms
276ms

Image
image/jpeg

2a02:26f0:9b00:48b::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/47345089_401.jpg

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Server

2a02:26f0:9b00:48b::2d63 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6a571ea99fdf0cf02219e9709a498f5d5674d7be1f89fc0ab70ee5264c7b4c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=3583
date: Thu, 25 May 2023 14:55:10 GMT
accept-ranges: bytes
content-length: 37486
content-type: image/jpeg;charset=UTF-8

Redirect headers

location: https://static.dw.com/image/47345089_401.jpg
strict-transport-security: max-age=31536000
date: Thu, 25 May 2023 14:55:09 GMT
content-length: 0

GET
H2 200 L2Hhn6LO1rk Show response
www.youtube.com/embed/ Frame A243 73 KB
32 KB 846ms
122ms Document
text/html 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/L2Hhn6LO1rk

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f65433ee197c03b3dbf9d38786d75fc17723eddc004b09eb44a1071295e7b19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://it.sandsonlihosp.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 25 May 2023 14:55:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 best+free+muslim+dating+sites_37.webp
2.bp.blogspot.com/-C40dTnlewxU/XIvM49CLP-I/AAAAAAAAJMQ/tMvsUCfJF70Xu4AFpnBCMkQSC2D4kPyeQCKgBGAs/s0-rw-e90/ 23 KB
23 KB 982ms
278ms Image
image/webp 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-C40dTnlewxU/XIvM49CLP-I/AAAAAAAAJMQ/tMvsUCfJF70Xu4AFpnBCMkQSC2D4kPyeQCKgBGAs/s0-rw-e90/best+free+muslim+dating+sites_37.webp

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

236baabeef67c277b1f832f8ec3f17fd0c5c0768261a165bda76c7031981c0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:07 GMT
x-content-type-options: nosniff
server: fife
etag: "v24c7"
vary: Origin
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="best free muslim dating sites_37.webp"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23188
x-xss-protection: 0
expires: Wed, 23 Aug 2023 14:55:07 GMT

GET
H2 200 138911.jpg
i2.wp.com/saletur.ru/galery/tfoto/big/ 37 KB
37 KB 1616ms
952ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/saletur.ru/galery/tfoto/big/138911.jpg

Requested by

Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

1edd295dc56255c124b4f50e4ce1f69537d5036a0f86463c0343b3b99c124512

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-nc: MISS mia 2
date: Thu, 25 May 2023 14:55:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 May 2023 14:55:08 GMT
server: nginx
etag: "6e116bbd21020d8b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://saletur.ru/galery/tfoto/big/138911.jpg>; rel="canonical"
content-length: 37922
expires: Sun, 25 May 2025 02:55:08 GMT

GET
H2 200 Umm-Al-Quwain-Museum-1-14-2020-420x230.jpg
mybayutcdn.bayut.com/mybayut/wp-content/uploads/ 14 KB
14 KB 1111ms
407ms Image
image/jpeg 13.35.93.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mybayutcdn.bayut.com/mybayut/wp-content/uploads/Umm-Al-Quwain-Museum-1-14-2020-420x230.jpg
Requested by: Host: it.sandsonlihosp.tk
URL: https://it.sandsonlihosp.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-107.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75c6f6d7224ebb74d4ab3c14e0c1834036dcdc4f14bc2e0cdeeb38296318a64a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://it.sandsonlihosp.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:08 GMT
via: 1.1 f512c993e98a951737226d483474a2dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 Jan 2020 05:10:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
etag: "4d66153b9acc0eea7ca112a7d6accad6"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 13924
x-amz-cf-id: zp3tXI0rThakpcUXuGDCvdnZYs9b4vsIQOA5Nom3aymU0edJ2Ji0kQ==

GET
H2 200 www-player.css
www.youtube.com/s/player/41b8bed0/ Frame A243 406 KB
48 KB 169ms
168ms Stylesheet
text/css 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48702
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:00:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A243 15 KB
16 KB 262ms
81ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:06:54 GMT
x-content-type-options: nosniff
age: 449293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 10:06:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A243 15 KB
15 KB 275ms
94ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:07:50 GMT
x-content-type-options: nosniff
age: 449237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 10:07:50 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 15 KB
15 KB 337ms
182ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.sandsonlihosp.tk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:02:41 GMT
x-content-type-options: nosniff
age: 449546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14964
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 10:02:41 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 244ms
158ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed%3A300%2C500%2C700&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://it.sandsonlihosp.tk
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:58:02 GMT
x-content-type-options: nosniff
age: 446225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 10:58:02 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/41b8bed0/www-embed-player.vflset/ Frame A243 306 KB
92 KB 116ms
91ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a033a7e296966308162fd5b76502c3ec9f0ce00808ce06d74fcf1dfbdfd117c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94038
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:00:52 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/ Frame A243 2 MB
742 KB 117ms
91ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78df93cba5d751496b2ee7a2c2b7076a842a9118319a6346715970990e793a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 759594
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:00:52 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/41b8bed0/fetch-polyfill.vflset/ Frame A243 9 KB
3 KB 147ms
120ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:00:52 GMT

GET
H2

200

id
googleads.g.doubleclick.net/pagead/ Frame A243
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
243 B

395ms
0ms

XHR
application/json

2607:f8b0:4006:81d::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Server

2607:f8b0:4006:81d::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 May 2023 14:55:12 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js
static.doubleclick.net/instream/ Frame A243 29 B
496 B 937ms
0ms Script
text/javascript 2607:f8b0:4006:820::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:45:15 GMT
x-content-type-options: nosniff
age: 597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 May 2023 15:00:15 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 948ms
0ms Preflight
text/html 2607:f8b0:4006:809::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 25 May 2023 14:55:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 initplayback
redirector.googlevideo.com/ Frame A243 342 B
878 B 983ms
0ms XHR
text/plain 2607:f8b0:4006:820::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2001%3A550%3A1d05%3A1%3A0%3A0%3A0%3A3&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=6379

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e -, , ASN (),

Reverse DNS

Software

ClientMapServer /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A243 68 KB
31 KB 322ms
62ms XHR
application/json+protobuf 2607:f8b0:4006:809::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31739
x-xss-protection: 0

GET
H3 200 remote.js
www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/ Frame A243 116 KB
33 KB 315ms
178ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:01:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33410
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:01:01 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/L2Hhn6LO1rk/ Frame A243 24 KB
24 KB 875ms
54ms Image
image/webp 2607:f8b0:4006:80e::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/L2Hhn6LO1rk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24218
x-xss-protection: 0
server: sffe
etag: "1523003359"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 25 May 2023 16:55:13 GMT

GET
H3 200 embed.js
www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/ Frame A243 29 KB
8 KB 553ms
215ms Script
text/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 16:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
last-modified: Mon, 22 May 2023 01:46:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 May 2024 16:00:53 GMT

GET
DATA 200
OK truncated
/ Frame A243 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqMOPY83qLYMCMBtKDmeVs7_nZeGp5pTezDEF3MA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A243 3 KB
3 KB 1207ms
67ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqMOPY83qLYMCMBtKDmeVs7_nZeGp5pTezDEF3MA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/L2Hhn6LO1rk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3175
x-xss-protection: 0
server: fife
etag: "v61"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 26 May 2023 14:55:13 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A243 4 KB
2 KB 979ms
55ms Script
text/javascript 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 May 2023 14:55:13 GMT

POST
H3 200 get
www.youtube.com/youtubei/v1/att/ Frame A243 22 KB
16 KB 314ms
276ms XHR
application/json 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230521.00.00
X-Goog-Visitor-Id: CgszQ1BvU1ZMX1VYVSjL7b2jBg%3D%3D

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16236
x-xss-protection: 0

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame A243 28 B
50 B 358ms
140ms XHR
application/json 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1685026513451
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
X-YouTube-Client-Version: 1.20230521.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszQ1BvU1ZMX1VYVSjL7b2jBg%3D%3D
X-YouTube-Ad-Signals: dt=1685026509091&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 25 May 2023 14:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 94ms
83ms Preflight
text/html 2607:f8b0:4006:809::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 25 May 2023 14:55:14 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A243 90 B
134 B 132ms
109ms XHR
application/json+protobuf 2607:f8b0:4006:809::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 25 May 2023 14:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 FLmCQnPd5ZT-YT6JBGANbUhafxNiHRvxCleld38UZjw.js
www.google.com/js/th/ Frame A243 38 KB
15 KB 346ms
81ms Script
text/javascript 2607:f8b0:4006:807::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/FLmCQnPd5ZT-YT6JBGANbUhafxNiHRvxCleld38UZjw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 05:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14930
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 May 2024 05:06:26 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/eureka/clank/113/ Frame A243 51 KB
15 KB 136ms
47ms Script
text/javascript 2607:f8b0:4006:817::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/113/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 18:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15228
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 15:06:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 25 May 2023 18:35:52 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A243 0
10 B 133ms
90ms Image
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?94aIww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 25 May 2023 14:55:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event
www.youtube.com/youtubei/v1/ Frame A243 28 B
50 B 160ms
156ms XHR
application/json 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/41b8bed0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1685026516349
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/L2Hhn6LO1rk
X-YouTube-Client-Version: 1.20230521.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszQ1BvU1ZMX1VYVSjL7b2jBg%3D%3D
X-YouTube-Ad-Signals: dt=1685026509091&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 25 May 2023 14:55:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
it.sandsonlihosp.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6BW8gMTaJL0
.youtube.com/	1970-01-20 16:22:58	Name: VISITOR_INFO1_LIVE Value: 3CPoSVL_UXU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
i2.wp.com
it.sandsonlihosp.tk
jnn-pa.googleapis.com
m.dw.com
mybayutcdn.bayut.com
pbs.twimg.com
redirector.googlevideo.com
static.doubleclick.net
static.dw.com
upload.wikimedia.org
www.dw.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.35.93.107
172.67.141.206
192.0.77.2
2607:f8b0:4006:806::200a
2607:f8b0:4006:807::2004
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2016
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2006
2607:f8b0:4006:820::200e
2620:0:861:ed1a::2:b
2a02:26f0:9b00:48b::2d63
2a04:4e42:46::159
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
1edd295dc56255c124b4f50e4ce1f69537d5036a0f86463c0343b3b99c124512
236baabeef67c277b1f832f8ec3f17fd0c5c0768261a165bda76c7031981c0c7
2a033a7e296966308162fd5b76502c3ec9f0ce00808ce06d74fcf1dfbdfd117c
2da3463d43c823fbf9a6df6c58b0bca86f25083def66cd532f31b114b997df04
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6a571ea99fdf0cf02219e9709a498f5d5674d7be1f89fc0ab70ee5264c7b4c6c
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
75c6f6d7224ebb74d4ab3c14e0c1834036dcdc4f14bc2e0cdeeb38296318a64a
7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333
78df93cba5d751496b2ee7a2c2b7076a842a9118319a6346715970990e793a08
7fdd45348069946ac704831160848b012cdaf3b14a37978bfd90c75b4e28cea6
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
bc54b81744fa92498bfec49bce4600de5069f2e1d5b9f17c719f7c0236102cf4
f65433ee197c03b3dbf9d38786d75fc17723eddc004b09eb44a1071295e7b19b
f9e61785b96c8af81520d6c3b97fa5996d19978d3f1593b510b4257093802e78

it.sandsonlihosp.tk Open in urlscan Pro 172.67.141.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

35 Requests

94 %HTTPS

82 %IPv6

15 Domains

20 Subdomains

18 IPs

2 Countries

1488 kBTransfer

3943 kBSize

3 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

it.sandsonlihosp.tk Open in urlscan Pro
172.67.141.206 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

82 %
IPv6

15
Domains

20
Subdomains

18
IPs

2
Countries

1488 kB
Transfer

3943 kB
Size

3
Cookies

35 HTTP transactions
1 data transactions