www.genshinlife.com Open in urlscan Pro
51.89.69.149 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.genshinlife.com/generator/en/amazon-prime-video
Submission: On May 13 via manual (May 13th 2023, 6:22:31 am UTC) from CW — Scanned from GB

Summary HTTP 79 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 79 HTTP transactions. The main IP is 51.89.69.149, located in London, United Kingdom and belongs to OVH, FR. The main domain is www.genshinlife.com.
TLS certificate: Issued by R3 on April 30th 2023. Valid for: 3 months.

This is the only time www.genshinlife.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 28	51.89.69.149 51.89.69.149	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:223... 2600:9000:223e:7c00:1c:b3e3:eb40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:c400:4:8d81:2c00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2600:9000:205... 2600:9000:2057:6e00:18:9670:2700:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
79	19

28 51.89.69.149 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip149.ip-51-89-69.eu

www.genshinlife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223e:7c00:1c:b3e3:eb40:21 (United States)

ASN16509 (AMAZON-02, US)

d13pxqgp3ixdbh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:c400:4:8d81:2c00:21 (United States)

ASN16509 (AMAZON-02, US)

dyodrs1kxvg6o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:6e00:18:9670:2700:21 (United States)

ASN16509 (AMAZON-02, US)

d3vv4txqnrv4po.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	genshinlife.com 1 redirects www.genshinlife.com	965 KB
12	cloudfront.net d13pxqgp3ixdbh.cloudfront.net dyodrs1kxvg6o.cloudfront.net d3vv4txqnrv4po.cloudfront.net	368 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	204 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	916 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50 jnn-pa.googleapis.com — Cisco Umbrella Rank: 233	117 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 272	6 KB
4	gstatic.com fonts.gstatic.com	108 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	21 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7680	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	605 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
79	12

	Domain	Requested by
28	www.genshinlife.com	1 redirects www.genshinlife.com
8	www.youtube.com	www.genshinlife.com www.youtube.com
8	pagead2.googlesyndication.com	www.genshinlife.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	d13pxqgp3ixdbh.cloudfront.net	www.genshinlife.com
5	d3vv4txqnrv4po.cloudfront.net	dyodrs1kxvg6o.cloudfront.net
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	www.genshinlife.com
1	dyodrs1kxvg6o.cloudfront.net	www.genshinlife.com
1	ajax.googleapis.com	www.genshinlife.com
1	www.googletagmanager.com	www.genshinlife.com
79	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
pinterest.com

Subject Issuer	Validity	Valid
genshinlife.com R3	`2023-04-30` - `2023-07-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.genshinlife.com/generator/en/amazon-prime-video
Frame ID: 84729DFC03FBCC2CA213BD1D8FF05D29
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
Frame ID: 012E6C287B20D69698B75E608CC05005
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 360AADF7F5557FEBFCFA187B2B9933BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2159478871575713&output=html&adk=1812271804&adf=3025194257&lmt=1683958946&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683958946359&bpp=4&bdt=718&idt=403&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=286293137813&frm=20&pv=2&ga_vid=1845816350.1683958947&ga_sid=1683958947&ga_hid=1175807838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44788441%2C44789923&oid=2&pvsid=510909792255657&tmod=1172658294&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=427
Frame ID: 009550DE39C1FC13F1A4ED5C332ABDB6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 888D6442012B9502202639BF9AD87BF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57B1F1C2059CE6B898EA9DC178F867ED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

⊛ AMAZON PRIME VIDEO | Gameovermania.com 2023

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

materialize(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

79
Requests

97 %
HTTPS

94 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

2753 kB
Transfer

5517 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/bookmarklet/?url=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://www.genshinlife.com/generator/en/imagestemplate/section-business.jpg HTTP 301
https://www.genshinlife.com/generator/en

Request Chain 52

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request amazon-prime-video Show response
www.genshinlife.com/generator/en/ 68 KB
68 KB 299ms
123ms Document
text/html 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 4d683e02564223b5b96563aadef8cac379da07e45e46996c8b5eb205b4c12656

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 May 2023 06:22:25 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK webfont.css
www.genshinlife.com/generator/fonts/dripicons/ 11 KB
11 KB 118ms
61ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/fonts/dripicons/webfont.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 0990515554465d389a925669dee5fd69ed552d13ba5636d0452e864084652fc9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-2b5f"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11103

GET
H/1.1 200
OK qticons.css
www.genshinlife.com/generator/fonts/qticons/ 7 KB
7 KB 173ms
57ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/fonts/qticons/qticons.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 98e68f8a1457f464e29be2753c8a0c060b10e0fa1dccd70cc8c0fb08aebac642

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-1cf3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7411

GET
H/1.1 200
OK slick.css
www.genshinlife.com/generator/components/slick/ 2 KB
2 KB 178ms
60ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/slick/slick.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-6c1"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1729

GET
H/1.1 200
OK swipebox.min.css
www.genshinlife.com/generator/components/swipebox/src/css/ 4 KB
4 KB 180ms
60ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/swipebox/src/css/swipebox.min.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-10d4"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4308

GET
H/1.1 200
OK jquery.classycountdown.css
www.genshinlife.com/generator/components/countdown/css/ 491 B
721 B 181ms
60ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/countdown/css/jquery.classycountdown.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: f33ede834353714f601c9d7b64dfc0008953aa6d153fb32e7000952083268de5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-1eb"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 491

GET
H/1.1 200
OK qt-main.css
www.genshinlife.com/generator/css/ 189 KB
189 KB 240ms
120ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/css/qt-main.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 6c756b08d4588167bc0105c7551a10c04155c8514eeb9e4494caac282f75d688

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Mon, 01 Aug 2022 09:33:11 GMT
Server: nginx
ETag: "62e79dd7-2f50a"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193802

GET
H/1.1 200
OK qt-typography.css
www.genshinlife.com/generator/css/ 511 B
741 B 181ms
60ms Stylesheet
text/css 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/css/qt-typography.css
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: c3a78bd5e300979ca4602922fa833aa8c5c590773924280e2026aa73966686ae

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:19 GMT
Server: nginx
ETag: "62e3c363-1ff"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 511

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 184ms
65ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-127757768-8

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3698b9e2ac70466edccc50647793e7a8cb2946c1c34b6e276920ba14b99d47bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46299
x-xss-protection: 0
last-modified: Sat, 13 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 May 2023 06:22:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 231ms
106ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2159478871575713

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5466641cdebcbda96aa52c9acad729742d92aec8e91a1f8879ff59f584c532f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.genshinlife.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47470
x-xss-protection: 0
server: cafe
etag: 3529528608876815879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 06:22:26 GMT

GET
H/1.1 200
OK 555_logo_name.png
www.genshinlife.com/generator/img/games/ 55 KB
56 KB 61ms
61ms Image
image/png 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.genshinlife.com/generator/img/games/555_logo_name.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: acb908d30caa4cdc40d4d68bdeb6cf17d6b4874a0c2464d0bf333fa2005d7e42

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Mon, 13 Feb 2023 10:33:10 GMT
Server: nginx
ETag: "63ea11e6-ddff"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56831

GET
H2 200 16065434239798c9df11c295fdb356956874a0d2b5.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 2 KB
2 KB 191ms
54ms Image
image/png 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16065434239798c9df11c295fdb356956874a0d2b5.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c01dbccfa0933ee99c6aae72ba100781dd054c687dfdecf77e109d3b24b20053

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Ps_6cZYWTcw9h00NXtLZtv58Cj3HsXVD
date: Fri, 12 May 2023 09:39:11 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Sat, 28 Nov 2020 06:03:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 74595
etag: "8ee42ab54ff982c7409bda70671f4480"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: 6cSa9zNJLab14jDn_NM6zWp4_B6q5W4vB7ybElKgmdAF5xaJv59IyA==

GET
H2 200 16065434146d775a7d23cc58e2d6b23d4d1a06d172.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 2 KB
3 KB 303ms
177ms Image
image/png 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/16065434146d775a7d23cc58e2d6b23d4d1a06d172.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2012a0e775583734e958bb9c41c097d6cc66203153485faf01c1a2a505717bc

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Om0Lbw_LwKSTtMkCP0BdGltflYoEDYB_
date: Fri, 12 May 2023 09:39:11 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Sat, 28 Nov 2020 06:03:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 74595
etag: "8bc7064410d8c808c7685df15bd42eae"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2412
x-amz-cf-id: OAgaGaT1c6QQdAD1OnRxhb7OKMZKIA1VYkxzPJjMl3wDXUQzTeORMw==

GET
H2 200 1606543419e1b53b498577c872d6a2e5773350e156.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 2 KB
2 KB 224ms
223ms Image
image/png 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1606543419e1b53b498577c872d6a2e5773350e156.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c23da4d1ad3e321129917afa8ecb74b4b7d40fbba2495405d45bdf6293e60035

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: kuU1v7xKmebRa64cXAvuZZ_biC.Tyvp6
date: Fri, 12 May 2023 07:47:16 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Sat, 28 Nov 2020 06:03:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 81311
etag: "8aae3220e1847b81daf348b2d5c91b06"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1660
x-amz-cf-id: 18zk_RwZuzLEZuv-bQr3EQ_wemB1dyFNprAA8mFT1AaYYAq9fluZLw==

GET
H2 200 160654342264764427510f05a538212014cef43e9b.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 2 KB
2 KB 225ms
224ms Image
image/png 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/160654342264764427510f05a538212014cef43e9b.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09594b96530d74c536706e7fc6664bb234c856a9f847df4a5839f06189c49b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 9QGxTxPaQKMR8eK5YxwMBwLBW_elJswC
date: Fri, 12 May 2023 06:53:58 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Sat, 28 Nov 2020 06:03:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 84509
etag: "7b3b338149082356429bc9aa30b7b336"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1981
x-amz-cf-id: JAMzKVoMBYd-yc5mvZF30w4JykpRekbAzJFyezoV-Wo-PVHzqqecuA==

GET
H2 200 160654342301a40827a58875ccb9700b237a91d424.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 2 KB
3 KB 225ms
225ms Image
image/png 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/160654342301a40827a58875ccb9700b237a91d424.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e24bdf8f484d4031be760aaf50ad745583c54a91558d9a6a0bd3c7f2b353909

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: RFa1.xAy_UGrcZiRPbgYzLjKkFVOFGGy
date: Fri, 12 May 2023 10:29:24 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Sat, 28 Nov 2020 06:03:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 71583
etag: "15a0b5874e2925206f5860ff28ce8fc0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2357
x-amz-cf-id: Ktfl4pVgMMScDcx3Ua0sdSlZEuAUbNG6jbslTfIJejSCDojdgj6Yiw==

GET
H/1.1 200
OK account.png
www.genshinlife.com/generator/img/games/ 24 KB
24 KB 61ms
60ms Image
image/png 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.genshinlife.com/generator/img/games/account.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 09d0736709de4b0ee2cceb991d9ba74ad8a0dff3779c1b12292865ef7c2f4c1d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Mon, 13 Feb 2023 10:17:55 GMT
Server: nginx
ETag: "63ea0e53-5fa1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24481

GET
H/1.1 200
OK 1929_logo_name.png
www.genshinlife.com/generator/img/games/ 141 KB
141 KB 60ms
60ms Image
image/png 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.genshinlife.com/generator/img/games/1929_logo_name.png
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 0ccc85b09af76d34a194fde307a941ae671f50aa3ad9a89a212d7351f10e7224

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Mon, 13 Feb 2023 10:29:03 GMT
Server: nginx
ETag: "63ea10ef-2349f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144543

GET
H/1.1 200
OK modernizr-2.8.3-respond-1.4.2.min.js Show response
www.genshinlife.com/generator/js/ 20 KB
20 KB 120ms
120ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/js/modernizr-2.8.3-respond-1.4.2.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:25 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-4e8a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20106

GET
H/1.1 200
OK jquery.js Show response
www.genshinlife.com/generator/js/ 95 KB
95 KB 60ms
60ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/js/jquery.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 132153fc8ff2cbe5c6cecc682083658bd1d0faaaa5730cb2b7598d63f8cbde13

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-17bb1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97201

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.genshinlife.com/generator/js/ 9 KB
10 KB 61ms
60ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/js/jquery-migrate.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: f6412288a06f5b354674ebf8b3b1c732f40567f536bed66d859ddf69a0ace4ff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-25a1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9633

GET
H/1.1 200
OK materialize.min.js Show response
www.genshinlife.com/generator/js/materializecss/bin/ 128 KB
129 KB 121ms
120ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/js/materializecss/bin/materialize.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 5a5d52f2441bea414b04ea62df2b340341d63756810ff2482740da7832bce964

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-201da"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131546

GET
H/1.1 200
OK slick.min.js Show response
www.genshinlife.com/generator/components/slick/ 41 KB
41 KB 123ms
120ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/slick/slick.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-a3e1"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41953

GET
H/1.1 200
OK skrollr.min.js Show response
www.genshinlife.com/generator/components/skrollr/ 12 KB
13 KB 63ms
61ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/skrollr/skrollr.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: c0d8e0c0347e22dac458f4e3aa1a4ac9b450f3d8af285e657542f65e4eaf0e7f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-3147"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12615

GET
H/1.1 200
OK ios-orientationchange-fix.js Show response
www.genshinlife.com/generator/components/swipebox/lib/ 2 KB
2 KB 60ms
57ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/swipebox/lib/ios-orientationchange-fix.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 88f5e03aac0a72f8ab5f646abb9ca27814b1ef0edbf8807c917aaede3a4966a2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-641"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1601

GET
H/1.1 200
OK jquery.swipebox.min.js Show response
www.genshinlife.com/generator/components/swipebox/src/js/ 13 KB
13 KB 114ms
114ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/swipebox/src/js/jquery.swipebox.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-329f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12959

GET
H/1.1 200
OK jquery.knob.js Show response
www.genshinlife.com/generator/components/countdown/js/ 11 KB
11 KB 60ms
60ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/countdown/js/jquery.knob.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: e568b89ab7a24e8ca3b48958472485a34dbae97779fa1af4f2fece2105c0fd17

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-2b94"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11156

GET
H/1.1 200
OK jquery.throttle.js Show response
www.genshinlife.com/generator/components/countdown/js/ 731 B
975 B 60ms
60ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/countdown/js/jquery.throttle.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-2db"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 731

GET
H/1.1 200
OK jquery.classycountdown.min.js Show response
www.genshinlife.com/generator/components/countdown/js/ 13 KB
13 KB 61ms
61ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/countdown/js/jquery.classycountdown.min.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: eeafdb1dfdd0116a0f4984f23d1d170d91628655aeba6e27596f267eafda7039

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-3228"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12840

GET
H/1.1 200
OK popup.js Show response
www.genshinlife.com/generator/components/popup/ 3 KB
3 KB 60ms
60ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/components/popup/popup.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 528f265a89f489f9be56ccadf917eddb57c2da9f77273b0ae36d0fb4cad81ea2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-ae8"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2792

GET
H/1.1 200
OK qt-main.js Show response
www.genshinlife.com/generator/js/ 23 KB
23 KB 58ms
57ms Script
application/javascript 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/js/qt-main.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: bf798eb006c4e4f58b4d3f74d29a19be29f59c89de0e5f04a49b7d3eba00f5af

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-5bb3"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23475

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
84 KB 173ms
54ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 01:56:04 GMT
x-content-type-options: nosniff
age: 102382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85578
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 01:56:04 GMT

GET
H2 200 7460f0b.js Show response
dyodrs1kxvg6o.cloudfront.net/ 24 KB
7 KB 535ms
409ms Script
application/javascript 2600:9000:214f:c400:4:8d81:2c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:c400:4:8d81:2c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 281109dbe793324b1ec548e934b36d1c80f94095aaa2671e59c2c05867f5e808

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:59:56 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
last-modified: Fri, 28 Apr 2023 20:57:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1632
etag: W/"42781b5674f32f89fafd9d9af03b8afe"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-id: mQj748K5n2DyXpI12NtELRreOycNCL4ThrObvNJaoiDzvfK8D6q0Qg==

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 190ms
67ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:300,400,700

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/css/qt-typography.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e663b627ed2ee0d1490f6490ff944426f47e0ac8300ecbca466b802dcc980989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 06:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 06:22:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 06:22:25 GMT

GET
H2 200 EHj9OK5y6CA Show response
www.youtube.com/embed/ Frame 012E 67 KB
31 KB 233ms
110ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc8b16749d48c5eb7771bf33c17ab0cb02eef11bdc7fa7cb7e59188bf93cc38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 06:22:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1606813703b088898ab497afe18884d41145bdeb6c.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ 326 KB
327 KB 203ms
68ms Image
image/jpg 2600:9000:223e:7c00:1c:b3e3:eb40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13pxqgp3ixdbh.cloudfront.net/uploads/1606813703b088898ab497afe18884d41145bdeb6c.jpg
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7c00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e168319e309abc44d42f81a719ed01727cc96eb7ab97d0f41eddca759e243e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.genshinlife.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: tZkErdGwiWdt560Jr2neK0pnGGwyEtzA
date: Fri, 12 May 2023 13:31:49 GMT
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 09:08:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 60638
etag: "33906ab100b0af3cba085be177242d83"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
content-length: 333685
x-amz-cf-id: y0ubDWiLcemGjGO4T0QiGNCAdb_ilaJr01KfBmhozGtgq7yaF9T74w==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 172ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.genshinlife.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 18:31:37 GMT
x-content-type-options: nosniff
age: 561049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 18:31:37 GMT

GET
H/1.1 200
OK dripicons-v2.woff
www.genshinlife.com/generator/fonts/dripicons/fonts/ 25 KB
26 KB 85ms
60ms Font
application/font-woff 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/fonts/dripicons/fonts/dripicons-v2.woff
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/fonts/dripicons/webfont.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: e87a09cef1a17d8c6a5a1b542521889f2f409262589d8d4fb1d9112c9e144bfb

Request headers

Referer: https://www.genshinlife.com/generator/fonts/dripicons/webfont.css
Origin: https://www.genshinlife.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:23 GMT
Server: nginx
ETag: "62e3c367-6594"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26004

GET
H/1.1 200
OK qticons.woff
www.genshinlife.com/generator/fonts/qticons/ 22 KB
22 KB 96ms
61ms Font
application/font-woff 51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.genshinlife.com/generator/fonts/qticons/qticons.woff
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/fonts/qticons/qticons.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: 0da9464e3f84c914790c1f1c93ff78cb00e8439b870620ab1ffb475b6bb4bcfd

Request headers

Referer: https://www.genshinlife.com/generator/fonts/qticons/qticons.css
Origin: https://www.genshinlife.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 06:22:26 GMT
Last-Modified: Fri, 29 Jul 2022 11:24:20 GMT
Server: nginx
ETag: "62e3c364-5790"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22416

GET
H2 200 www-player.css
www.youtube.com/s/player/cfa9e7cb/ Frame 012E 405 KB
48 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48645
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 05:35:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 012E 15 KB
15 KB 54ms
53ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 547103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:24:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 012E 15 KB
15 KB 64ms
63ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 06 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 546055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 22:41:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 175ms
53ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127757768-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 May 2023 04:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6407
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 13 May 2023 06:35:39 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/ Frame 012E 338 KB
95 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97217
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 06:18:08 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/ Frame 012E 2 MB
732 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2cc654198d1bbc5c086d646cb9b8007c04949061bb42a62f992c7b622e7e45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 749108
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 05:53:08 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/cfa9e7cb/fetch-polyfill.vflset/ Frame 012E 9 KB
3 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 03:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 May 2024 03:25:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 230ms
120ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2159478871575713&plah=www.genshinlife.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2159478871575713

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a0cbd7296919956e51d47e695c48c7f63edee47fa135fdd5c0695bc84dac87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122683
x-xss-protection: 0
server: cafe
etag: 329565105906658643
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 May 2023 06:22:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 360A 10 KB
5 KB 180ms
57ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2159478871575713

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 6703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 04:30:43 GMT
etag: 15057649708203361565
expires: Sat, 27 May 2023 04:30:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
209 B 61ms
60ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1175807838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video&ul=en-us&de=UTF-8&dt=%E2%8A%9B%20AMAZON%20PRIME%20VIDEO%20%7C%20Gameovermania.com%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=697843149&gjid=1514270571&cid=1845816350.1683958947&tid=UA-127757768-8&_gid=121156064.1683958947&_r=1&gtm=457e35a0&jsscut=1&z=751634504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 May 2023 06:22:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.genshinlife.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html.1623252.8505f.0.js Show response
d3vv4txqnrv4po.cloudfront.net/public/external/v2/ 13 KB
14 KB 515ms
375ms Script
application/javascript 2600:9000:2057:6e00:18:9670:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vv4txqnrv4po.cloudfront.net/public/external/v2/html.1623252.8505f.0.js
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: a927bc9179273bd29b252650819e8c2e81ddd0eebc9b41bcf5bb754083f51237

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA6-C1
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: ArYGLoLHWxODR4oWUJXXu0nJrf32Er9byBxdTjE-Gm0go5eYpljjaw==

GET
H2 200 css_front.css
d3vv4txqnrv4po.cloudfront.net/public/external/ 6 KB
7 KB 350ms
211ms Stylesheet
text/css 2600:9000:2057:6e00:18:9670:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vv4txqnrv4po.cloudfront.net/public/external/css_front.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA6-C1
etag: "19c4-5a8c5e62e9d0a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: zwCM4Vh7L1T8T4UMaVYO0oDdiAlv2B4POjg0z10yF3TGMKPpIEhC5Q==

GET
H/1.1

200
OK

en
www.genshinlife.com/generator/
Redirect Chain

https://www.genshinlife.com/generator/en/imagestemplate/section-business.jpg
https://www.genshinlife.com/generator/en

39 KB
39 KB

64ms
63ms

Image
text/html

51.89.69.149
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.genshinlife.com/generator/en
Requested by: Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video
Protocol: HTTP/1.1
Server: 51.89.69.149 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-51-89-69.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.genshinlife.com/generator/en/amazon-prime-video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 May 2023 06:22:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 May 2023 06:22:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: /generator/en
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700|Open+Sans:300,400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.genshinlife.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 2218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 05:45:28 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 012E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

64ms
64ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968a564b2049041ed6301afe981ddb09bd2f33d0e45660e0133a7bcd03dfcc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 May 2023 06:22:26 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 012E 29 B
495 B 186ms
56ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:09:24 GMT
x-content-type-options: nosniff
age: 782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 May 2023 06:24:24 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 185ms
63ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 May 2023 06:22:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 012E 68 KB
31 KB 71ms
70ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

946f2a50c5129c95ac522dde2244fd4e000bf54c9f1502cbd4a1ae26d91b3c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31623
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 012E 0
19 B 62ms
62ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=KmbpwJ1S3yj9R4l4&el=embedded&ns=yt&fexp=23848224%2C23858057%2C23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208764%2C24219382%2C24255165%2C24405913%2C24415864%2C24416290%2C24439361%2C24468691%2C24470752%2C24532854%2C24556992%2C24559644%2C39323074&cl=530756126&seq=1&event=streamingstats&docid=EHj9OK5y6CA&qclc=ChBLbWJwd0oxUzN5ajlSNGw0EAE&cbr=Chrome&cbrver=113.0.5672.92&c=WEB_EMBEDDED_PLAYER&cver=1.20230509.02.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
X-YouTube-Client-Version: 1.20230509.02.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZN0Z1aEl3Vm9vbyii2fyiBg%3D%3D
X-YouTube-Ad-Signals: dt=1683958946601&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C676%2C380&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 13 May 2023 06:22:26 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/ Frame 012E 29 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dff45b01d21870bb06e88fdc39b8e4c957b7e388d48f089ec69bd45a96c69d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8242
x-xss-protection: 0
last-modified: Wed, 10 May 2023 01:29:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 May 2024 15:52:53 GMT

GET
DATA 200
OK truncated
/ Frame 012E 323 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c309517c2282c442d9010ca4a79d8eda7b374efbbc6bb049471179739d4e93ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
605 B 178ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.genshinlife.com&callback=_gfp_s_&client=ca-pub-2159478871575713

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2159478871575713&plah=www.genshinlife.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66b224b388a7f711f2808d28225059a9de12e5be6d9438b6b33794491816f758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 184ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.genshinlife.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 178ms
62ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.genshinlife.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=drag-target&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 06:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=drag-target&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.genshinlife.com
URL: https://www.genshinlife.com/generator/en/amazon-prime-video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 May 2023 06:22:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0095 603 B
67 B 92ms
92ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2159478871575713&output=html&adk=1812271804&adf=3025194257&lmt=1683958946&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683958946359&bpp=4&bdt=718&idt=403&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=286293137813&frm=20&pv=2&ga_vid=1845816350.1683958947&ga_sid=1683958947&ga_hid=1175807838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44788441%2C44789923&oid=2&pvsid=510909792255657&tmod=1172658294&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=427

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 06:22:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 012E 90 B
134 B 68ms
67ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6e84159614ae36b9ea3f7ef59f4d3c4fc86715570d9d40333d6d83b5ea39585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 64ms
64ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 May 2023 06:22:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css.css
d3vv4txqnrv4po.cloudfront.net/public/clockers/CustomButton/ 1010 B
1 KB 360ms
359ms Stylesheet
text/css 2600:9000:2057:6e00:18:9670:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vv4txqnrv4po.cloudfront.net/public/clockers/CustomButton/css.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA6-C1
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: c79R9GLtaE41VgMoC3fAsrJcgsMP_TidDxJOItqgmZ0Iz0t1ss37Kg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 105ms
105ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3f5e80c2423c35fc3970de370a34ff03a3992824e3b4961436e87eb24c13f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11283
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 200ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 May 2023 06:22:27 GMT

GET
H2 200 guid Show response
d3vv4txqnrv4po.cloudfront.net/public/ 0
276 B 361ms
360ms Script
text/html 2600:9000:2057:6e00:18:9670:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vv4txqnrv4po.cloudfront.net/public/guid?cpguid=466dfu2xb&e=ll&t=1683958947575
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA6-C1
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: 8GsLjIoh-3DNxcLeK0QvjdOuXq0XFH-aXaU2Ge_NjRipU2RARzkRWQ==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 888D 13 KB
5 KB 56ms
54ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 29320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 May 2023 22:13:47 GMT
expires: Sat, 11 May 2024 22:13:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57B1 783 B
1 KB 186ms
63ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a47e7e82b0a55d6a7e5049ddbaa37626674042ed59a24a9682829d867938c9f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dBGV3BhasZDI4X496S03dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-dBGV3BhasZDI4X496S03dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 06:22:27 GMT
expires: Sat, 13 May 2023 06:22:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 888D 37 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 888D 0
10 B 57ms
57ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8-MTXQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57B1 0
0 88ms
87ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=510909792255657&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=510909792255657&bg=!-Pul-6_NAAYldGN0BXQ7ADkAdvg8Wk6Dpmy1df0OyO8tGswytp64yKcjDaW0ob8IF-cQ4Hczhi5tcNrzYF2uAU_E8Z5EYW1LwtQCAAAAUFIAAAAEaAEHCgCLFKdxT1svgg5lfoq5UpmgxPchpwqX9xqIXyePV3f1kTi1PUFAAL694krIxL1nSzEJb1GC_REBV7i9_YW-hFTzO7LQ1UXUJ95162Lnf0UnZksP8Uc5ml5O-XqNZkoLBkbAviznRKvlUDqthx72Z8cJQuyteDdxA171WXYjQN2ox2bnacPwoXoLbpKDlJkCpxpfYhTzFSEW7_lAFEF57FBJ-aLdnVTl7SeUEbUyuK03Adt_DkOqY-ZP5SDiI9pNLVW8EuR7lGD6RAsR4ELC6dvWX-dAtPoInJZjAPueKM26qCsw-ztv3QAhDX-RK-E1i3Sfn1cLkFGV7PJ5mZ8_dzFqJjJ6URLHfAyER466eXwUWGIkBoe4IUdbgXRyp4u-0UQEdXH3en12pC-jXhlE6sT1MwhisioZdwLL6h2Q33S9AehIWKINukF9pz763xhqL_4ozR5oy5bXKCAmPv6g0pBV-JaI7n2d8TiR-F9Lvhtr54DRCejJHnqOOv46Nf6ukSnqevtwlUcahDTK52BOmqpS1AIFfsAt24Giqidrjhvzc8zOZKA200G5lRwIdhn0pnVwwxHeG-dYNcKzRGIkOs6ShDo3Wwq3tuBrhmyeS3i9Rv6izohnkQZkbBg-PhNgUMlcfNKieKWWbKe4XfXSQZXhjk4fE1m2DLla_pNjrpEQpwJMl_aWLo2E04qv-XWkGl3yr8VPheWI2JYmBbWgZ9Xbo8fERj2zwcWiworaQgA67uKLt94zwzTwH3VuiDVNmg1b81uCkeyv5GwuxllmkNkGKi4WdcrWVH-f492VFn1kumnkDuXGFrQQlIHdRwex8qE5X0O5iyKg6KDfOIahwFwckI2iA2Arf_-3ftp-H7CSEjywOBT6uz_o_2CwdpOmg5brtjoNvmF6KDOvSOYk-e8w2Cda1FdNl-VlEcK3xArVH0P18p5ugxM0vp95nz2iqPZNzYXe2J2wS_f9vf7Q8712ydsiRPJJDupr6dfDSo_QncDo9YXmRjzuuzf7lzVGD5e2WaEjDQYixQlITX-SgOCJoa6rsmS3pWo74TmpwSUWcbv8lPx2BfiRR5MX-mrZYZYmiwQJnUY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 012E 28 B
54 B 68ms
66ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cfa9e7cb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Goog-Request-Time: 1683958948655
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EHj9OK5y6CA?autoplay=1&mute=1
X-YouTube-Client-Version: 1.20230509.02.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtZN0Z1aEl3Vm9vbyii2fyiBg%3D%3D
X-YouTube-Ad-Signals: dt=1683958946450&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C676%2C380&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 13 May 2023 06:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 May 2023 06:22:28 GMT

GET
H2 200 check.php Show response
d3vv4txqnrv4po.cloudfront.net/public/external/ 78 B
371 B 359ms
359ms Script
application/javascript 2600:9000:2057:6e00:18:9670:2700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3vv4txqnrv4po.cloudfront.net/public/external/check.php?it=1623252&time=1683958949094
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/7460f0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:29 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA6-C1
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: v1WSuWEWV2vQ6GmGTo5vT402cTf7HA_C4YrHs4N7K6GfgANFrR-2fw==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.genshinlife.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: frfidsgck1f5go48m82q3nlchk
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9bKSCEtvBrM
.youtube.com/	1970-01-20 16:05:10	Name: VISITOR_INFO1_LIVE Value: Y7FuhIwVooo
.genshinlife.com/	1970-01-20 21:21:58	Name: _ga Value: GA1.2.1845816350.1683958947
.genshinlife.com/	1970-01-20 11:47:25	Name: _gid Value: GA1.2.121156064.1683958947
.genshinlife.com/	1970-01-20 11:45:59	Name: _gat_gtag_UA_127757768_8 Value: 1
www.genshinlife.com/	1970-01-20 12:00:22	Name: _cpguid Value: 466dfu2xb
.doubleclick.net/	1970-01-20 11:45:59	Name: test_cookie Value: CheckForPermission
.genshinlife.com/	1970-01-20 21:07:34	Name: __gads Value: ID=f926f36ad4df680a-2203f985cfdd003f:T=1683958946:RT=1683958946:S=ALNI_MbRbfImRHOzBkMMKV5pdFJO448mLA
.genshinlife.com/	1970-01-20 21:07:34	Name: __gpi Value: UID=00000bf9c90fbf4f:T=1683958946:RT=1683958946:S=ALNI_MbmPuhmsf_eDBqO8Gy2Mw3SSbde7Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2159478871575713&output=html&adk=1812271804&adf=3025194257&lmt=1683958946&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.genshinlife.com%2Fgenerator%2Fen%2Famazon-prime-video&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1683958946359&bpp=4&bdt=718&idt=403&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=286293137813&frm=20&pv=2&ga_vid=1845816350.1683958947&ga_sid=1683958947&ga_hid=1175807838&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C44788441%2C44789923&oid=2&pvsid=510909792255657&tmod=1172658294&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=427 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
d13pxqgp3ixdbh.cloudfront.net
d3vv4txqnrv4po.cloudfront.net
dyodrs1kxvg6o.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
tpc.googlesyndication.com
www.genshinlife.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.youtube.com
2600:9000:2057:6e00:18:9670:2700:21
2600:9000:214f:c400:4:8d81:2c00:21
2600:9000:223e:7c00:1c:b3e3:eb40:21
2a00:1450:4001:806::2002
2a00:1450:4001:806::2006
2a00:1450:4001:809::2004
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
51.89.69.149
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09594b96530d74c536706e7fc6664bb234c856a9f847df4a5839f06189c49b8a
0990515554465d389a925669dee5fd69ed552d13ba5636d0452e864084652fc9
09d0736709de4b0ee2cceb991d9ba74ad8a0dff3779c1b12292865ef7c2f4c1d
0ccc85b09af76d34a194fde307a941ae671f50aa3ad9a89a212d7351f10e7224
0da9464e3f84c914790c1f1c93ff78cb00e8439b870620ab1ffb475b6bb4bcfd
132153fc8ff2cbe5c6cecc682083658bd1d0faaaa5730cb2b7598d63f8cbde13
1e24bdf8f484d4031be760aaf50ad745583c54a91558d9a6a0bd3c7f2b353909
281109dbe793324b1ec548e934b36d1c80f94095aaa2671e59c2c05867f5e808
3698b9e2ac70466edccc50647793e7a8cb2946c1c34b6e276920ba14b99d47bc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
48a391f29bc14459aa881d701beed00820c0b7ef72aa0a85fc08d6e21d169ec1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d683e02564223b5b96563aadef8cac379da07e45e46996c8b5eb205b4c12656
528f265a89f489f9be56ccadf917eddb57c2da9f77273b0ae36d0fb4cad81ea2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5d52f2441bea414b04ea62df2b340341d63756810ff2482740da7832bce964
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cf86c139e55b3a6e43a82b0ca393ebb500f1dd4ce05c77dc990da97dca7b9d
66b224b388a7f711f2808d28225059a9de12e5be6d9438b6b33794491816f758
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c756b08d4588167bc0105c7551a10c04155c8514eeb9e4494caac282f75d688
78e168319e309abc44d42f81a719ed01727cc96eb7ab97d0f41eddca759e243e
7a0cbd7296919956e51d47e695c48c7f63edee47fa135fdd5c0695bc84dac87b
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7dff45b01d21870bb06e88fdc39b8e4c957b7e388d48f089ec69bd45a96c69d2
88f5e03aac0a72f8ab5f646abb9ca27814b1ef0edbf8807c917aaede3a4966a2
946f2a50c5129c95ac522dde2244fd4e000bf54c9f1502cbd4a1ae26d91b3c84
968a564b2049041ed6301afe981ddb09bd2f33d0e45660e0133a7bcd03dfcc69
98e68f8a1457f464e29be2753c8a0c060b10e0fa1dccd70cc8c0fb08aebac642
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a2cc654198d1bbc5c086d646cb9b8007c04949061bb42a62f992c7b622e7e45c
a47e7e82b0a55d6a7e5049ddbaa37626674042ed59a24a9682829d867938c9f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
a927bc9179273bd29b252650819e8c2e81ddd0eebc9b41bcf5bb754083f51237
acb908d30caa4cdc40d4d68bdeb6cf17d6b4874a0c2464d0bf333fa2005d7e42
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
bf798eb006c4e4f58b4d3f74d29a19be29f59c89de0e5f04a49b7d3eba00f5af
c01dbccfa0933ee99c6aae72ba100781dd054c687dfdecf77e109d3b24b20053
c0d8e0c0347e22dac458f4e3aa1a4ac9b450f3d8af285e657542f65e4eaf0e7f
c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c
c23da4d1ad3e321129917afa8ecb74b4b7d40fbba2495405d45bdf6293e60035
c309517c2282c442d9010ca4a79d8eda7b374efbbc6bb049471179739d4e93ac
c3a78bd5e300979ca4602922fa833aa8c5c590773924280e2026aa73966686ae
c3f5e80c2423c35fc3970de370a34ff03a3992824e3b4961436e87eb24c13f7f
cc8b16749d48c5eb7771bf33c17ab0cb02eef11bdc7fa7cb7e59188bf93cc38a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a465b7796cdf1572bb416feccea1bc31f4c020ea1eb6b29a3881b4e0216595
e5466641cdebcbda96aa52c9acad729742d92aec8e91a1f8879ff59f584c532f
e568b89ab7a24e8ca3b48958472485a34dbae97779fa1af4f2fece2105c0fd17
e663b627ed2ee0d1490f6490ff944426f47e0ac8300ecbca466b802dcc980989
e6e84159614ae36b9ea3f7ef59f4d3c4fc86715570d9d40333d6d83b5ea39585
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e87a09cef1a17d8c6a5a1b542521889f2f409262589d8d4fb1d9112c9e144bfb
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eccf57b62dbae261e99c42c11f1d643aa66362fc72a0696be044a75466ba5202
eeafdb1dfdd0116a0f4984f23d1d170d91628655aeba6e27596f267eafda7039
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2012a0e775583734e958bb9c41c097d6cc66203153485faf01c1a2a505717bc
f33ede834353714f601c9d7b64dfc0008953aa6d153fb32e7000952083268de5
f6412288a06f5b354674ebf8b3b1c732f40567f536bed66d859ddf69a0ace4ff
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

www.genshinlife.com Open in urlscan Pro 51.89.69.149 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

97 %HTTPS

94 %IPv6

12 Domains

19 Subdomains

19 IPs

3 Countries

2753 kBTransfer

5517 kBSize

10 Cookies

4 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.genshinlife.com Open in urlscan Pro
51.89.69.149 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

97 %
HTTPS

94 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

2753 kB
Transfer

5517 kB
Size

10
Cookies

79 HTTP transactions
1 data transactions