Submitted URL: http://downrips.xyz/
Effective URL: https://downrips.xyz/
Submission: On November 06 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2606:4700:e2::ac40:8e0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is downrips.xyz.
TLS certificate: Issued by R3 on October 31st 2021. Valid for: 3 months.
This is the only time downrips.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
8 www.youtube.com downrips.xyz
www.youtube.com
7 downrips.xyz 1 redirects downrips.xyz
3 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
2 superonclick.com downrips.xyz
1 discovernative.com downrips.xyz
1 ufpcdn.com superonclick.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 pagead2.googlesyndication.com downrips.xyz
1 urgesick.com downrips.xyz
24 10

This site contains links to these domains. Also see Links.

Domain
discovernative.com
Subject Issuer Validity Valid
*.downrips.xyz
R3
2021-10-31 -
2022-01-29
3 months crt.sh
urgesick.com
R3
2021-10-25 -
2022-01-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-10-18 -
2022-01-10
3 months crt.sh
discovernative.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-04 -
2022-03-04
a year crt.sh

This page contains 4 frames:

Primary Page: https://downrips.xyz/
Frame ID: C84F9D021B0E56755B7D7C4FBC88BD0A
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gV4cPxiARps
Frame ID: 8B96FD190177257490FA72D065CD9865
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: E5E33F03209675ABA71EB93A807BBB39
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 8DCF6E964A4206F460F849901FAFB803
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Embed Videos | Embed Videos Online Free

Page URL History Show full URLs

  1. http://downrips.xyz/ HTTP 301
    https://downrips.xyz/ Page URL

Page Statistics

24
Requests

96 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

799 kB
Transfer

2768 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downrips.xyz/ HTTP 301
    https://downrips.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
downrips.xyz/
Redirect Chain
  • http://downrips.xyz/
  • https://downrips.xyz/
9 KB
4 KB
Document
General
Full URL
https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858b25a5df3d9f7fb54215d3c6ee0dca0519a9a65f84bf53629c6e67da27601e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-type
text/html; charset=UTF-8
link
<http://downrips.xyz/index.php?rest_route=/>; rel="https://api.w.org/", <http://downrips.xyz/index.php?rest_route=/wp/v2/pages/8339>; rel="alternate"; type="application/json", <http://downrips.xyz/>; rel=shortlink
x-proxy-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF4rP1WB6q69SnostCbXji%2BQRgMRWdaVCjVwhgGqHwmcySsqcd1xkCi1uc59u%2FEYNsxtT%2B6NoV%2BtmY%2BQQq%2B96UjRAebNoef3I9Ma1R5OXd%2F7jFLXaNk1n7YzMx0V%2BjRJ2YSt83C%2FYm5AXho%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a9fa360fff05b74-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Sat, 06 Nov 2021 16:18:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 06 Nov 2021 17:18:31 GMT
Location
https://downrips.xyz/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vL13ind6YhqV1BTK4uJPk%2FC0AWEWvfTCCWtRjk36%2FcM4JZJbFj2GGRdNqdYGGSyb%2BpeuWE4MrVOrw24qJE9%2FskNuBAArjHVRn7%2Bml2O2tU%2BxieBCoOSYIwUPkanOprH5kHzMBpYKwfEJP3E%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a9fa360aa996921-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
downrips.xyz/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
https://downrips.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Sep 2021 09:28:27 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEOPObZKe3bIeh9QdcLLNQeIOA2eSL60Uc%2FJ6%2BvmgQpOZN37dKzGsIOJxsUb9rUDeTJlK593Sl6ZfOAEj2SlyugcqYyDlXQ0rrE465tMkWTLFfH04qujSFimlmhAIOghFa42BvB1O4pAkF8%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9fa36168e75b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
downrips.xyz/wp-content/themes/ivideo/
2 KB
1 KB
Stylesheet
General
Full URL
https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28da7b11c017339be74c494cdcfe55119d5169c5eb1f473cc902c9e68c200965

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Jul 2015 15:50:54 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fskpLx1eUUYfoU9QE3xNFW5ac5%2FyRgeuJ7LQb9VpUW1vH1%2BZbKsHJA7g392wr0dnQvv6XY%2Fe8S7Dd1cjXC%2BvLeoZw1p43a%2B%2Bg92e%2FMEBFR9YeGngPrB244Asxy0gdXcSjgZgEpwLRykgILI%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
text/css
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9fa36168eb5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
invisible.js
downrips.xyz/cdn-cgi/challenge-platform/h/b/scripts/
42 KB
15 KB
Script
General
Full URL
https://downrips.xyz/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3688c8e46440eaf9f0adfb71005e5b4f4ab24ec6211a2a90a29ed2579b3f5fd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fupXUPmLAUfRmAGJP4I%2FpMH1bXjQSwmPX57SOaU8QEhNEGAoYj54r0wZkvyiajw5CwL2lqLRWFM65YKVn0hfxfmWUQAw%2Fy5merDnZv13n36zRCjKv1qMI4hfPtFZgmDDPsTunPhoItTMmlk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6a9fa36168ef5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
wp-embed.min.js
downrips.xyz/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://downrips.xyz/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Mon, 20 Sep 2021 09:28:27 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmSh6gMeCTAMC07hgtzpQU5yFOyTsobM03u3sqy3noUad3yh12%2BGGhlCM4x0rhyM2gtGNXrjTpGCIDWGLI4IixIR0XQcxldU5YGqp%2BcAzjt4ytmf7YMjca%2B0p6hl5XNomfq51p9c6cpQdG8%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a9fa36168ed5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
6ddcac927095db08c4d682452dc28c3b.js
urgesick.com/6d/dc/ac/
0
0
Script
General
Full URL
https://urgesick.com/6d/dc/ac/6ddcac927095db08c4d682452dc28c3b.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 06 Nov 2021 16:18:31 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6502534ba77919f5fc51c4a7443a3ab64385df56861707db55c7d9a1f9f41e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51340
x-xss-protection
0
server
cafe
etag
17426630858327805513
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Nov 2021 16:18:31 GMT
white_sand.png
downrips.xyz/wp-content/themes/ivideo/images/
21 KB
21 KB
Image
General
Full URL
https://downrips.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/wp-content/themes/ivideo/style.css?ver=5.8.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
cf-cache-status
BYPASS
last-modified
Mon, 20 Jul 2015 14:56:46 GMT
server
cloudflare
x-microcachable
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSGfFMZMqE2cwtc3TI97aDSxG3ihyD%2FbKHoVchsgOIWjBeTZexNGlCSwdiQ2%2Flr1tleoHf06Svw3vKXOpc6Kk3prkr9Hp7lF8qorfS8yu7VTYtRXSP6WbUj%2FPN8ghuRvCzsxLBufhD12Gcc%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
image/png
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a9fa361a9695b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21591
gV4cPxiARps
www.youtube.com/embed/ Frame 8B96
52 KB
24 KB
Document
General
Full URL
https://www.youtube.com/embed/gV4cPxiARps
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4eebe07ef4051620a7a678b8d616e1eb6dc84554f8f8249852ca531ec36b66a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 06 Nov 2021 16:18:31 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame E5E3
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 05 Nov 2021 18:38:54 GMT
expires
Fri, 19 Nov 2021 18:38:54 GMT
content-type
text/html; charset=UTF-8
etag
2948287274155451234
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4905
x-xss-protection
0
age
77977
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
native_render.js
superonclick.com/script/
4 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_render.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2580
x-guploader-uploadid
ADPycdvoa8H_yL7lng1wpll3kZDUKdtyrMQHUfofmTSSw4FbaYvV70MglspfwFyZCZ1GC86N3MmGDqxEUa_j862MIEp3TxS09Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:50 GMT
server
cloudflare
etag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV0RvSsU2dnJ6bRic1QhdI91K1YifcQ%2Fwpn6xlP21TU0kMY9xm902ZLM7VFUbowAY6dzCJrzKfjcVZTkktsKRyCfe5NR08MEknkDFRwe%2BH3JdyRDrk0m9ddHFdapLtFA56X1tgdA3vu3DYQOEWle"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052950916101
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
4285
cf-ray
6a9fa3626fd34abd-FRA
expires
Sat, 06 Nov 2021 15:38:02 GMT
native_server.js
superonclick.com/script/
9 KB
3 KB
Script
General
Full URL
https://superonclick.com/script/native_server.js
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2580
x-guploader-uploadid
ADPycdt9-0Neg4qFlc1_qS1vxIkTfSADI55e8o4DTVjsirsAtnZdG2zERZgfrvWjZCvKfo0PVKip84u1VR0PJqBrt3wCn5XggA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 13 Feb 2019 10:15:52 GMT
server
cloudflare
etag
W/"51d87e9ebd831fccab6a016079a60793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2lMm7YImH4ARIeQMQUsZXdKY1cIMq7nGp3XQ1SHy%2FYszF0mOC83JXL8aMFqgrTx8y8ikXoVWF5slyw9bR3AJVsP9f9%2F9UHHlgLbohes2wFki5Q%2B%2BaEDYih625LgeTXqYfFx0ZgOcTGSuyWEXACt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1550052952705094
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
x-goog-stored-content-length
9260
cf-ray
6a9fa3626fd44abd-FRA
expires
Sat, 06 Nov 2021 16:15:12 GMT
www-player-webp.css
www.youtube.com/s/player/8eb5bf0c/ Frame 8B96
334 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1252449fb32f8262c1457b85876d7b838639d01c9edd3b190d54652114fa226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:52:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
260770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46960
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Nov 2022 15:52:21 GMT
www-embed-player.js
www.youtube.com/s/player/8eb5bf0c/www-embed-player.vflset/ Frame 8B96
209 KB
68 KB
Script
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63e136362820cdab64e50bd4d13cdecdc0ac621b980ff4249211a5942c546476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:52:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
260770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69827
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Nov 2022 15:52:21 GMT
base.js
www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/ Frame 8B96
2 MB
515 KB
Script
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
197f7dd10290b2f1710d58e6344015c000237ddf122822a83f00890fa32b42e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:52:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
260770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527250
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Nov 2022 15:52:21 GMT
fetch-polyfill.js
www.youtube.com/s/player/8eb5bf0c/fetch-polyfill.vflset/ Frame 8B96
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:52:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
260770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Nov 2022 15:52:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8B96
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 05 Nov 2021 04:18:33 GMT
x-content-type-options
nosniff
age
129598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 05 Nov 2022 04:18:33 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8B96
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
238 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gV4cPxiARps
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bebc7417e82677144572a0d6088c1b018c8248ff8cf2e55abea18b995278ee79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 06 Nov 2021 16:18:31 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8B96
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8eb5bf0c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:13:00 GMT
x-content-type-options
nosniff
age
331
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Nov 2021 16:28:00 GMT
qoe
www.youtube.com/api/stats/ Frame 8B96
0
200 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&cpn=tuqWjaU-k9ldlzMG&el=embedded&docid=gV4cPxiARps&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24090528%2C24091242%2C24101841%2C24102120%2C24115508%2C24116772&cl=407199072&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211102.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth:0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/gV4cPxiARps
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Nov 2021 16:18:31 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/ Frame 8B96
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8eb5bf0c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ee741e85ea02d98b16b0e33523e955225aea06cccff4631ebaaf7d77b7a3970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gV4cPxiARps
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:54:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
260656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7356
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 00:18:20 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Nov 2022 15:54:15 GMT
truncated
/ Frame 8B96
319 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e15532983f0e76d961ddc14f26416f39cbe4cf7e8b0a4e0c962876fff03d4a2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
identify.html
ufpcdn.com/script/ Frame 8DCF
2 KB
2 KB
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/

Response headers

date
Sat, 06 Nov 2021 16:18:31 GMT
content-type
text/html
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY97rWRoIqiiK36KAAqFCmNSyL2CfHpzKY8p%2Fz3rhtgKko%2B8QrZOp3XtGkwrsLpfOwBWBrpC4fiSec6qMPn7yYVYt5G3ODOl7ekU2fM4plEak0BkBXS4dueKlGBv0uaUUxygW7EaE6EW"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a9fa36438a54345-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
native.php
discovernative.com/script/
0
71 B
Script
General
Full URL
https://discovernative.com/script/native.php?nwpsv=1&r=4910275&cbrandom=0.940649736650593&cbWidth=1600&cbHeight=1200&cbtitle=Embed%20Videos%20%7C%20Embed%20Videos%20Online%20Free&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&ufp=17346964371611232211600643401&callback=jsonp836811
Requested by
Host: downrips.xyz
URL: https://downrips.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.31.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://downrips.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 06 Nov 2021 16:18:31 GMT
via
1.1 google
server
openresty
alt-svc
clear
log_event
www.youtube.com/youtubei/v1/ Frame 8B96
28 B
320 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8eb5bf0c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/gV4cPxiARps
X-YouTube-Client-Version
1.20211102.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgswaFpkYXlraXpMZyjX1ZqMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636215511106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C980%2C400&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 06 Nov 2021 16:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 06 Nov 2021 16:18:33 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| zoneNativeSett object| urls function| acPrefetch object| nativeInit object| nativeForPublishers object| wp function| __cf_worker_run_after_load function| __cf_run_after_load object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| _0x50db function| _0x48ba function| setupAd object| CTABPuNative object| _0x32b6 function| _0xda00 object| CTAHKA function| ufpAttach boolean| wait function| native_request object| __CF$cv$params string| zone object| adcashUfp function| jsonp836811

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 39O15HRFMuk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0hZdaykizLg
.ufpcdn.com/ Name: __cf_bm
Value: kS8suc1RKkx05BdsbEI5D3eOtnac5e.kZEO7jDyWR50-1636215511-0-AXxx7Sn5L61Tg24suQ8orG6RXaJKKqnH2Tfu4cjH3pibJ8Y58hR1+CHc/CQtNaogko5MFRfeMm/pWeym9rDzAWk=
downrips.xyz/ Name: adcashufpv3
Value: 17346964371611232211600643401

1 Console Messages

Source Level URL
Text
network error URL: https://urgesick.com/6d/dc/ac/6ddcac927095db08c4d682452dc28c3b.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discovernative.com
downrips.xyz
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
static.doubleclick.net
superonclick.com
ufpcdn.com
urgesick.com
www.youtube.com
130.211.31.231
192.243.59.12
2606:4700:3030::6815:2ed2
2606:4700:3037::ac43:bd78
2606:4700:e2::ac40:8e0b
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f
197f7dd10290b2f1710d58e6344015c000237ddf122822a83f00890fa32b42e5
28da7b11c017339be74c494cdcfe55119d5169c5eb1f473cc902c9e68c200965
3688c8e46440eaf9f0adfb71005e5b4f4ab24ec6211a2a90a29ed2579b3f5fd6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee741e85ea02d98b16b0e33523e955225aea06cccff4631ebaaf7d77b7a3970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
63e136362820cdab64e50bd4d13cdecdc0ac621b980ff4249211a5942c546476
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
858b25a5df3d9f7fb54215d3c6ee0dca0519a9a65f84bf53629c6e67da27601e
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
a1252449fb32f8262c1457b85876d7b838639d01c9edd3b190d54652114fa226
b6502534ba77919f5fc51c4a7443a3ab64385df56861707db55c7d9a1f9f41e6
bebc7417e82677144572a0d6088c1b018c8248ff8cf2e55abea18b995278ee79
c4eebe07ef4051620a7a678b8d616e1eb6dc84554f8f8249852ca531ec36b66a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e15532983f0e76d961ddc14f26416f39cbe4cf7e8b0a4e0c962876fff03d4a2c
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a