URL: http://lestlim.xyz/
Submission: On September 02 via manual from PL — Scanned from PL

Summary

This website contacted 24 IPs in 3 countries across 20 domains to perform 58 HTTP transactions. The main IP is 172.67.192.182, located in United States and belongs to CLOUDFLARENET, US. The main domain is lestlim.xyz.
This is the only time lestlim.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address       AS      Autonomous System
-          2         172.67.192.182   13335   (CLOUDFLAR...)
-          5         18.66.188.100    16509   (AMAZON-02)
1          1         67.199.248.10    396982  (GOOGLE-CL...)
-          1         192.243.59.12    39572   (ADVANCEDH...)
-          1         142.250.185.74   15169   (GOOGLE)
-          1         142.250.181.234  15169   (GOOGLE)
2          6         146.75.120.193   54113   (FASTLY)
1          9         188.114.96.3     13335   (CLOUDFLAR...)
-          2         18.66.122.114    16509   (AMAZON-02)
-          1         157.240.0.35     32934   (FACEBOOK)
4          6         142.250.185.173  15169   (GOOGLE)
-          1         199.59.243.224   16509   (AMAZON-02)
-          1         52.59.89.39      16509   (AMAZON-02)
-          8         142.250.184.206  15169   (GOOGLE)
-          6         172.217.16.195   15169   (GOOGLE)
-          3         18.66.122.41     16509   (AMAZON-02)
-          1         173.233.137.52   7979    (SERVERS-COM)
1          2         142.250.186.66   15169   (GOOGLE)
-          1         216.58.212.166   15169   (GOOGLE)
-          4         172.217.16.138   15169   (GOOGLE)
-          1         142.250.186.68   15169   (GOOGLE)
-          1         142.250.185.246  15169   (GOOGLE)
-          1         142.250.186.33   15169   (GOOGLE)
-          1         216.58.212.131   15169   (GOOGLE)
Total: 58 HTTP transactions, 24 IPs

Requests  Apex Domain / Subdomains                                     Transfer
8         youtube.com                                                  1007 KB
            www.youtube.com (Cisco Umbrella Rank: 83)
7         gstatic.com                                                  96 KB
            fonts.gstatic.com
            www.gstatic.com
7         google.com                                                   18 KB
            accounts.google.com (Cisco Umbrella Rank: 34)
            www.google.com (Cisco Umbrella Rank: 2)
6         imgur.com                                                    329 KB
            i.imgur.com (Cisco Umbrella Rank: 7287)
6         googleapis.com                                               66 KB
            fonts.googleapis.com (Cisco Umbrella Rank: 41)
            ajax.googleapis.com (Cisco Umbrella Rank: 368)
            jnn-pa.googleapis.com (Cisco Umbrella Rank: 230)
5         cthisismoych.com                                             2 KB
            cthisismoych.com
5         eresultedinncre.info                                         7 KB
            eresultedinncre.info
5         cloudfront.net                                               233 KB
            dba9ytko5p72r.cloudfront.net
4         pogothere.xyz                                                202 KB
            pogothere.xyz (Cisco Umbrella Rank: 34013)
3         doubleclick.net                                              1 KB
            googleads.g.doubleclick.net (Cisco Umbrella Rank: 40)
            static.doubleclick.net (Cisco Umbrella Rank: 280)
2         lestlim.xyz                                                  31 KB
            lestlim.xyz
1         ggpht.com                                                    3 KB
            yt3.ggpht.com (Cisco Umbrella Rank: 233)
1         ytimg.com                                                    60 KB
            i.ytimg.com (Cisco Umbrella Rank: 102)
1         banquetunarmedgrater.com                                     329 B
            banquetunarmedgrater.com (Cisco Umbrella Rank: 21510)
1         professionalswebcheck.com                                    297 B
            professionalswebcheck.com (Cisco Umbrella Rank: 14834)
1         addresseepaper.com
            addresseepaper.com (Cisco Umbrella Rank: 23462)
1         facebook.com
            www.facebook.com (Cisco Umbrella Rank: 109)
1         vaccinationwear.com                                          17 KB
            vaccinationwear.com
1         bit.ly                                                       315 B
            bit.ly (Cisco Umbrella Rank: 6526)
0         chatango.com (Failed)
            st.chatango.com (Failed)
Total: 58 HTTP transactions, 20 domains

Requests  Domain                        Redirects    Requested by
8         www.youtube.com               -            lestlim.xyz, www.youtube.com
6         fonts.gstatic.com             -            fonts.googleapis.com, www.youtube.com
6         accounts.google.com           4 redirects  lestlim.xyz
6         i.imgur.com                   2 redirects  lestlim.xyz
5         cthisismoych.com              1 redirects  lestlim.xyz
5         eresultedinncre.info          -            dba9ytko5p72r.cloudfront.net
5         dba9ytko5p72r.cloudfront.net  -            lestlim.xyz, eresultedinncre.info
4         jnn-pa.googleapis.com         -            www.youtube.com
4         pogothere.xyz                 -            dba9ytko5p72r.cloudfront.net
2         googleads.g.doubleclick.net   1 redirects  www.youtube.com
2         lestlim.xyz                   -            lestlim.xyz
1         www.gstatic.com               -            www.youtube.com
1         yt3.ggpht.com                 -            www.youtube.com
1         i.ytimg.com                   -            www.youtube.com
1         www.google.com                -            www.youtube.com
1         static.doubleclick.net        -            www.youtube.com
1         banquetunarmedgrater.com      -            bit.ly
1         professionalswebcheck.com     -            bit.ly
1         addresseepaper.com            -            bit.ly
1         www.facebook.com              -            lestlim.xyz
1         ajax.googleapis.com           -            lestlim.xyz
1         fonts.googleapis.com          -            lestlim.xyz
1         vaccinationwear.com           -            lestlim.xyz
1         bit.ly                        1 redirects
0         st.chatango.com (Failed)      -            lestlim.xyz
Total: 58 HTTP transactions, 25 subdomains

This site contains links to these domains.

Domain
twentiethparticipation.com

Subject                    Issuer                                          Validity                 Valid
*.imgur.com                Sectigo RSA Domain Validation Secure Server CA  2023-03-13 - 2024-03-12  a year
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3                         2023-02-28 - 2024-02-27  a year
eresultedinncre.info       Amazon RSA 2048 M01                             2023-08-27 - 2024-09-24  a year
cthisismoych.com           GTS CA 1P5                                      2023-08-29 - 2023-11-27  3 months
*.facebook.com             DigiCert SHA2 High Assurance Server CA          2023-06-11 - 2023-09-09  3 months
professionalswebcheck.com  Amazon RSA 2048 M03                             2023-08-30 - 2024-09-27  a year
*.google.com               GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
*.gstatic.com              GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
*.doubleclick.net          GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
upload.video.google.com    GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
www.google.com             GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
edgestatic.com             GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months
*.googleusercontent.com    GTS CA 1C3                                      2023-08-07 - 2023-10-30  3 months

This page contains 5 frames:

Primary Page: http://lestlim.xyz/
Frame ID: 482ABA4507B8035DD247BFFDB93758D3
Requests: 30 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BLzLBfRUVvM
Frame ID: 5F641F4018229ABF73FFBBCC7CFC24DA
Requests: 21 HTTP requests in this frame

Frame: http://eresultedinncre.info/dlJRTjkXMDIjBhdvM2hMBD5sawswd2MIXRQzaDdNHT1kPg5EIH8tVRknNShLGTwlYFcTJnR8fzAzGQRpOAc2AnElFAUqQQEwGjlRU2AXG2wSd2MMeD4iHgl9DjMbJlEmGWMbdTkDCBRgDmYdA3gGZDMmTj8ZJiYPIjplO24PawcYegYwGn9vMjMHH0o1OWh5fAwlCAZqJxsBH1YnGRQLDTcQYSlvRGY1Cwo8Cxs2cBQbYCVJIgcQBHgxCAgYCkYUCAwBFBsHC1c+JRc/e0U1FgxUGRo0CFU1CwAYTSEoEz97RTU3CUAzFjcLCDQWAwwPIRMhe3ghFB8fcVtrBAF7ETcaJXACETklVCcFYC93Pj0WKAksEDQce0AFFyFSLgYmCHEbPRkNCUcTN39SHhMpKkg0YTYefw8qNAQJMAo3H2wEExAPXiERYABoNzkUK29DMTc2TU8HFBQPMWE9LWgbPRkrewUGGhhoQBMHKgAVYWAsayEXFihSQhoyKWsBBxQMDDRhPS9qRTETLW8GGTQPCVA4IiFXBm81HnonJgcYbxUQFAE
Frame ID: 5BC90793F54A2DBAC86B6017A21BEC0E
Requests: 2 HTTP requests in this frame

Frame: http://eresultedinncre.…
Frame ID: 68683AA39D2C09B1D48E3696AE350B9D
Requests: 2 HTTP requests in this frame

Frame: http://eresultedinncre.…
Frame ID: 7218399A2029F18780E9B4C649EC5D9E
Requests: 2 HTTP requests in this frame

Page Title

Darmowy stream przez internet, bezpłatna transmisja - Lestlim.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58 Requests
59 % HTTPS
0 % IPv6
20 Domains
25 Subdomains
24 IPs
3 Countries
2068 kB Transfer
5156 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/40GRurW HTTP 301
  • https://vaccinationwear.com/f2/79/ab/f279abe142e8d5d32f3a006f34f99032.js
Request Chain 6
  • https://i.imgur.com/UWzxCe3.jpeg HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 7
  • https://i.imgur.com/XRRn9tm.jpeg HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 17
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXo7B7WU5woWUUZHaWcV9bOYRbt20rKU1zX_NryH6N26IMoLqUL9BFnEdZry_HSD_EIXxf8QTzGL HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7Vvmqc8MGhIXInPtlCHe_s9abf5b1fnYkM28fmHUXMxpyMeCB-9Cmg7Rgm9uX287sXQSFGAVQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1644817508%3A1693670512320082&theme=glif
Request Chain 18
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7VnYIOY-PUxvy1o6A7Ias2c17a5psYXhfPIjNMTmjcAqsAZbiSqRC93B7Fo651WXvIJp5Z3 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7WNcJW_Yoqkow7lPeBhuMtKJj1jIn0ctvnU30GGQZ-XLUi-J-3MLYx6Bo1hDoe2aPOr96keww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1476471992%3A1693670512272704&theme=glif
Request Chain 19
  • http://cthisismoych.com/popunder.gif HTTP 301
  • https://cthisismoych.com/popunder.gif
Request Chain 42
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lestlim.xyz/
72 KB
31 KB
Document
General
Full URL
http://lestlim.xyz/
Protocol
HTTP/1.1
Server
172.67.192.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3138d756a10a6a77b518cfda00d79eeb993130f41422e708a17767bbd8ff98b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8006f952890ec008-WAW
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 02 Sep 2023 16:01:50 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5z79ZQuj5u4m5QM%2F0NSPLRQm9%2Fa7QZuFMtxKpHLXNAEF9fRdhhrjDz45oceDa%2Bv%2F1%2FS1MLW%2B69y3Ou27vcEU0ph%2FWbFV2mW8VqlUuk4VMWNn%2F6a2hzUVcos8tMEdCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
/
dba9ytko5p72r.cloudfront.net/
354 KB
115 KB
Script
General
Full URL
http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
18.66.188.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-100.muc50.r.cloudfront.net
Software
/
Resource Hash
83b318130ed616913993536814ead3267ffd27b9d971d12c5285ba5aa592d9c8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Sep 2023 16:01:51 GMT
Content-Encoding
gzip
Via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
117514
X-Amz-Cf-Id
hz8p8SMQ2lo7sHJuN2RXk983Ojd_yduNIcnFktzPifT1CQt2VxzrdA==
f279abe142e8d5d32f3a006f34f99032.js
vaccinationwear.com/f2/79/ab/
Redirect Chain
  • https://bit.ly/40GRurW
  • https://vaccinationwear.com/f2/79/ab/f279abe142e8d5d32f3a006f34f99032.js
40 KB
17 KB
Script
General
Full URL
https://vaccinationwear.com/f2/79/ab/f279abe142e8d5d32f3a006f34f99032.js
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
0e7ccbb02e6b2aed947978276bf902a62e398aba84ad4c52c71c425212cfeb51
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:51 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
21845d99e2e9dcf4937698dc025559ff
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date
Sat, 02 Sep 2023 16:01:50 GMT
content-security-policy
referrer always;
referrer-policy
unsafe-url
via
1.1 google
server
nginx
content-type
text/html; charset=utf-8
location
https://vaccinationwear.com/f2/79/ab/f279abe142e8d5d32f3a006f34f99032.js
cache-control
private, max-age=90
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css2?family=Kanit:wght@500&family=Roboto:wght@500&display=swap
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
87f64771004325683532e7028bdbd018bc6a6b230504593f6896e918a74490ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 02 Sep 2023 16:01:50 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sat, 02 Sep 2023 16:01:50 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/
91 KB
34 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Fri, 01 Sep 2023 08:22:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
113956
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33621
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 31 Aug 2024 08:22:34 GMT
di.js
lestlim.xyz/
0
0
Script
General
Full URL
http://lestlim.xyz/di.js
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
172.67.192.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 02 Sep 2023 16:01:50 GMT
Content-Encoding
gzip
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B14T1OqO5sIoMy%2FkY9oZW%2FQwjBdVZEvvCU0b2oqNgqLvNoGXEQeVif96AJX4m2%2Bx6Wsa4yTJ7MvfdfjSfSuyoFqECxiioOFzTEhHBgGrPb41KCFzCyQvP9bwso2afg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Vary
Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
CF-RAY
8006f95329bdc008-WAW
alt-svc
h3=":443"; ma=86400
emb.js
st.chatango.com/js/gz/
0
0

removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/UWzxCe3.jpeg
  • https://i.imgur.com/removed.png
503 B
782 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
46080998
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220085-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1693670512.816353,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 945692

Redirect headers

x-cache-hits
0, 5
date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
39
x-timer
S1693670512.755998,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100084-IAD, cache-fra-etou8220085-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/XRRn9tm.jpeg
  • https://i.imgur.com/removed.png
503 B
566 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
46080998
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220085-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1693670512.816357,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 945692

Redirect headers

x-cache-hits
0, 30
date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
482
x-timer
S1693670512.756004,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000100-IAD, cache-fra-etou8220085-FRA
fxxXYy9.jpeg
i.imgur.com/
20 KB
20 KB
Image
General
Full URL
https://i.imgur.com/fxxXYy9.jpeg
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1aaf3d47239c846015982d1149bd8b74746833541f02718385ce9afe92711358
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
1208108
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT, HIT
content-length
20560
x-served-by
cache-iad-kcgs7200115-IAD, cache-fra-etou8220085-FRA
last-modified
Sat, 19 Aug 2023 16:23:30 GMT
server
cat factory 1.0
x-timer
S1693670512.755983,VS0,VE1
etag
"4736e06245ee40c4cb575e88b0da3450"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rA8r9KnfSqj7YqipTGX_IiOrVV77s-zN1QkcWnAMGXWD7uhmETa-Rw==
x-cache-hits
1, 1
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1643
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 02 Sep 2023 15:34:28 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://lestlim.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSTAb%2FMbH4455BoUado%2F%2B%2Ft7iGzo4QEPMIw3hPKRjqVWFRfEol2UYkawo9%2FHLzQWpOE4gVCBMPB2%2BBw%2BxaoFWLkNeKNZ4zL4sUhRyjylKMPNwHVHGwtBeFZTZH1ZA6LI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8006f9584f8c3bc7-WAW
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
26 B
362 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fdefb64a4acf54dac81a29522d96cb9733c88193858156de46a2d733964edd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0i89b7olYlypZxcJllaPDQC0ULdEXx5ON8sgmB608a8Gptn4TBZINsn%2BrCherisxegDAkqRXeft2LPybcJrmGRWb9D1cwEu2dclZ2T6oIwd%2FMbPoeDzrpanh0z9iz7hJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://lestlim.xyz
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8006f9584f8d3bc7-WAW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
eresultedinncre.info/
0
536 B
XHR
General
Full URL
https://eresultedinncre.info/utx?cb=AR0L1cc8uXjH&top=lestlim.xyz&tid=795152
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-114.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Sep 2023 16:01:51 GMT
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://lestlim.xyz
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
tYKSt7SqlEo0CyXb6_YlmisB_RGjLV3G5RZbyHKTTyOwFfnTvvmtgQ==
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1643
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 02 Sep 2023 15:34:28 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://lestlim.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IIp1liQZ7cf%2BHQlXaWAzusL3x3ZGJe8O0hAabIMpWPufqqOmFr0xk%2BBZUrPQHWqLRKsx2LVVaIrIvXd8o05puKXjUW37kIHa%2Fb3SmKruUoebWtwTwzSjofKAAQVulOJ"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8006f9584f903bc7-WAW
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
355 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a197fa35f7f27c0f5e432f2b7cb5981715ed9330d84de5eafaa82e109b8b26

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8seXFogq%2F0gqNQz0yCiDFVLyg4%2FTtQNA%2BUl838vBsMaHYXXuEDSrX8PPUkwdskXOpQIJN0ZqFnGCX5nTzLVg6w7LF9cVINZKHShmsxOVyjHs%2F%2BMw6BDf2cq57TLdvlAh"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://lestlim.xyz
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8006f9584f913bc7-WAW
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
eresultedinncre.info/
0
534 B
XHR
General
Full URL
https://eresultedinncre.info/utx?cb=IbzmS08iVYKp&top=lestlim.xyz&tid=925450
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-114.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Sep 2023 16:01:51 GMT
via
1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://lestlim.xyz
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
4DRbob2xRatUl_TtoiwLKBtvEP-OYIXvXiGzETNJnycnWPlsNt3itQ==
bk5rRTRBcQg2CTwIA3RRBTpYJF9fBA52dhwaLgsNCgkbBmAmKU0xXQpzXHwBX3tZY0QHKlZ0Eh06CjFBHXNaY10AKAR4EhhzWmsHWmBYcRpeaB54BUg6GyRTU39NNUAaIlZ0Ald9XXIEW39adwFZ
cthisismoych.com/
0
242 B
Image
General
Full URL
https://cthisismoych.com/bk5rRTRBcQg2CTwIA3RRBTpYJF9fBA52dhwaLgsNCgkbBmAmKU0xXQpzXHwBX3tZY0QHKlZ0Eh06CjFBHXNaY10AKAR4EhhzWmsHWmBYcRpeaB54BUg6GyRTU39NNUAaIlZ0Ald9XXIEW39adwFZ
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUbRp0wViiszGZfeAHjXyTZ3c8zNRE1J7sioMqDOLVJbzmFc4s0JC76YoG3%2BXZpT%2FlWPM5n42875Fv0WCcilcELJ7FfvLvZSFPaPzg0Z0S02tVudiaCyGOriOBNzOnSeJRA6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8006f95a6cd33510-WAW
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AXo7B7WU5woWUUZHaWcV9bOYRbt20rKU1zX_NryH6N26IMoLqUL9BFnEdZry_HS...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7Vvmqc8MGhIXInPtlCHe_s9abf5b1fnYkM28fmHUXMxpyMeCB-9Cmg7Rgm9uX287sXQSFGAVQ&passiv...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7Vvmqc8MGhIXInPtlCHe_s9abf5b1fnYkM28fmHUXMxpyMeCB-9Cmg7Rgm9uX287sXQSFGAVQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1644817508%3A1693670512320082&theme=glif
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Server
142.250.185.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Sat, 02 Sep 2023 16:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-L1umwXseDDqPL4kmdq1rsQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7Vvmqc8MGhIXInPtlCHe_s9abf5b1fnYkM28fmHUXMxpyMeCB-9Cmg7Rgm9uX287sXQSFGAVQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1644817508%3A1693670512320082&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AXo7B7VnYIOY-PUxvy1o6A7Ias2c17a5psYXhfPIjNMTmjcAqsAZbiSqRC9...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7WNcJW_Yoqkow7lPeBhuMtKJj1jIn0ctvnU30GGQZ-XLUi-J-3MLYx6Bo1hDoe2aPOr96keww&passi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7WNcJW_Yoqkow7lPeBhuMtKJj1jIn0ctvnU30GGQZ-XLUi-J-3MLYx6Bo1hDoe2aPOr96keww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1476471992%3A1693670512272704&theme=glif
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Server
142.250.185.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f13.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Sat, 02 Sep 2023 16:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oxREG1pVFUZiQNAiyzOgLg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7WNcJW_Yoqkow7lPeBhuMtKJj1jIn0ctvnU30GGQZ-XLUi-J-3MLYx6Bo1hDoe2aPOr96keww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1476471992%3A1693670512272704&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
cthisismoych.com/
Redirect Chain
  • http://cthisismoych.com/popunder.gif
  • https://cthisismoych.com/popunder.gif
35 B
534 B
Image
General
Full URL
https://cthisismoych.com/popunder.gif
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
HIT
last-modified
Sat, 02 Sep 2023 14:38:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4992
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE3T9BHThXxCeLBneKd%2F5kNrn5FWJQoNtPnHFZAZxtB2DmgyYdhB2Fw%2F%2FDrlFSKsxNFgjNpOWCPLiKCum%2B9BOIGrRFz1yd%2Fgx2%2B1riskbzKSJLZStBNE8T1DCEfem77365Bz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
8006f95a6cd53510-WAW
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Sat, 02 Sep 2023 16:01:51 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fu1HWl1%2BsjK7CK%2Bp9dzU%2BHr6UQqVs1rysvyaYuw6qLQ9jA1BpGq%2FL%2F7%2FooLNilmVrw7xGyFQxAOTx2N188Rex56mNZNJM48p0hjWTl%2FehZrtIdjtRL0tehLa2efcxlnzAZGz"}],"group":"cf-nel","max_age":604800}
Location
https://cthisismoych.com/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
8006f959fc5034e6-WAW
alt-svc
h3=":443"; ma=86400
Expires
Sat, 02 Sep 2023 17:01:51 GMT
QF8Ff3lN
cthisismoych.com/dW40TU9aUVc+cicFchcrGB4EKAgFL2F+ekcPXykqEwBuORtEJxI5JhFTDX96QVsEaz8cCgl8aQYaVTk6BlMFayYbCFtwaQNTBWN8QUAHeWFFSEFwflMaRCwoSF8SPTsBAgl8eUxdAnp/
0
252 B
Image
General
Full URL
https://cthisismoych.com/dW40TU9aUVc+cicFchcrGB4EKAgFL2F+ekcPXykqEwBuORtEJxI5JhFTDX96QVsEaz8cCgl8aQYaVTk6BlMFayYbCFtwaQNTBWN8QUAHeWFFSEFwflMaRCwoSF8SPTsBAgl8eUxdAnp/QF8Ff3lN
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OHWvhgj7IXJQ%2B6b2Zuf%2Bn01kwTv09VuAunP4S6rMi8CQPPFH11I8zzcFlsVeotk8PXBNlL7CXM1vRLab0ildWGuZFJqEZQuv0umyW23V%2BR1d46zYtWgRuvw24ydTndpjWen"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8006f95a6cd43510-WAW
alt-svc
h3=":443"; ma=86400
MHYxekYfSVIJe2pGeAAJZSxUHyFxN1JLEAM0YAJ1aEV4PQd4LxcOL1RLCUJyAkEFXDZZEgxLfhYFRRsyRQUMS2BZGFcVexYADEtoAFgDVHIWAwxLYEQGUB17AVBBDjJcSwBMfwNABkpzAUcDTXQ
cthisismoych.com/
0
245 B
Image
General
Full URL
https://cthisismoych.com/MHYxekYfSVIJe2pGeAAJZSxUHyFxN1JLEAM0YAJ1aEV4PQd4LxcOL1RLCUJyAkEFXDZZEgxLfhYFRRsyRQUMS2BZGFcVexYADEtoAFgDVHIWAwxLYEQGUB17AVBBDjJcSwBMfwNABkpzAUcDTXQ
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUVa00YOhZc%2F2PRa7KBKF8LFtviLHVDoZufDqlhr0O2qZ1bIitDw%2FZnFtcB8%2Bci4MpdDNHLXXzHxJM3sVsMDeSJxYJGjeJy0eQV6sN7T93NrfP0td3J7kuCjEr%2FkR6oqcFs8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8006f95add313510-WAW
alt-svc
h3=":443"; ma=86400
/
dba9ytko5p72r.cloudfront.net/
354 KB
115 KB
Fetch
General
Full URL
http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
HTTP/1.1
Server
18.66.188.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-100.muc50.r.cloudfront.net
Software
/
Resource Hash
fb5a3f63874167dd1adae3497ca4d316cfd3554ad01f830ab353deae33ecd171

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Sep 2023 16:01:51 GMT
Content-Encoding
gzip
Via
1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
http://lestlim.xyz
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
117519
X-Amz-Cf-Id
v5aENJLw0BkIbpVxjDrg7NUL3E9l_EzZXVqXBA6oWn3WZzeB5EiCgw==
sfp.js
addresseepaper.com/
0
0
Script
General
Full URL
http://addresseepaper.com/sfp.js
Requested by
Host: bit.ly
URL: https://bit.ly/40GRurW
Protocol
HTTP/1.1
Server
199.59.243.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

stats
professionalswebcheck.com/
40 B
297 B
XHR
General
Full URL
https://professionalswebcheck.com/stats
Requested by
Host: bit.ly
URL: https://bit.ly/40GRurW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.89.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-89-39.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
a04133621370ad488848348ef32fc9a1548243670fffc9fe4cf92c7a03b5eb68

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
http://lestlim.xyz
date
Sat, 02 Sep 2023 16:01:51 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
BLzLBfRUVvM
www.youtube.com/embed/ Frame 5F64
87 KB
38 KB
Document
General
Full URL
https://www.youtube.com/embed/BLzLBfRUVvM
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
4184765f08496bcbec0381916f59f49f63e746c4c17f16794dc9ddb8b9175183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://lestlim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 16:01:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=pl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
HwXAJLY.jpeg
i.imgur.com/
306 KB
307 KB
Image
General
Full URL
https://i.imgur.com/HwXAJLY.jpeg
Requested by
Host: lestlim.xyz
URL: http://lestlim.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6e69b140df53d0e7f293d2174b92554932bbd123e13cb3209c77c283283f31c4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:51 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
2086120
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
313755
x-served-by
cache-iad-kiad7000085-IAD, cache-fra-etou8220085-FRA
last-modified
Sat, 21 May 2022 21:33:43 GMT
server
cat factory 1.0
x-timer
S1693670512.756014,VS0,VE2
etag
"7d2b7be356db4d7c2b8f1b3f14679811"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Mhk79_t9s6Z7Eb0q2J9rf1TuYXhtJigDIMVo1JAnkkFeJEHjbw7WUA==
x-cache-hits
19, 1
nKKU-Go6G5tXcr5mOBWnVaE.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5mOBWnVaE.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Kanit:wght@500&family=Roboto:wght@500&display=swap
Protocol
HTTP/1.1
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
e84152f72d9c6fc90b6ff3fad4f8895d02f95e01e3181a994530801201cc4a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://lestlim.xyz
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 07:39:28 GMT
X-Content-Type-Options
nosniff
Age
202944
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
19292
X-XSS-Protection
0
Last-Modified
Thu, 20 Jul 2023 20:56:41 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 30 Aug 2024 07:39:28 GMT
nKKU-Go6G5tXcr5mOBWpVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
20 KB
Font
General
Full URL
http://fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5mOBWpVaF5NQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css2?family=Kanit:wght@500&family=Roboto:wght@500&display=swap
Protocol
HTTP/1.1
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5b5b12793c8ff1229c1a5bc6272d351a919e28497fa61c2d81b7d68485044031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://lestlim.xyz
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:52 GMT
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
19724
X-XSS-Protection
0
Last-Modified
Thu, 20 Jul 2023 20:53:51 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 01 Sep 2024 16:01:52 GMT
e0U1FgxUGRo0CFU1CwAYTSEoEz97RTU3CUAzFjcLCDQWAwwPIRMhe3ghFB8fcVtrBAF7ETcaJXACETklVCcFYC93Pj0WKAksEDQce0AFFyFSLgYmCHEbPRkNCUcTN39SHhMpKkg0YTYefw8qNAQJMAo3H2wEExAPXiERYABoNzkUK29DMTc2TU8HFBQPMWE9LWgbP...
eresultedinncre.info/dlJRTjkXMDIjBhdvM2hMBD5sawswd2MIXRQzaDdNHT1kPg5EIH8tVRknNShLGTwlYFcTJnR8fzAzGQRpOAc2AnElFAUqQQEwGjlRU2AXG2wSd2MMeD4iHgl9DjMbJlEmGWMbdTkDCBRgDmYdA3gGZDMmTj8ZJiYPIjplO24PawcYegYw... Frame 5BC9
3 KB
2 KB
Document
General
Full URL
http://eresultedinncre.info/...
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
HTTP/1.1
Server
18.66.122.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-41.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
0f3ceaa3cbbe53d0385e4ba830ebd15b4a873fa79e11898316fe11ddbe590325

Request headers

Referer
http://lestlim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1249
Content-Type
text/html
Date
Sat, 02 Sep 2023 16:01:51 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
zRTpRSrdI6v3EDWLMotQTxec47APJLLO-pppxyELoATw1lbL8fesMQ==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
BBYHICE3VAlBAx83CjwIJFQBESUqDV4kMSAyCTo+FCY7JwkJJAU8JhYnFycLfwEJKiUPLTxHVCEJARMlHzdeJ1YCKQ4cXhMwLCBCdSdLGBQoCx1PAzEOCygyIT9aIiYfUA
eresultedinncre.info/ZW1yZ0cEDxEKeARQEEEyFwFPQnUjSEAhIwcMSx4zDgJHF3BXH1wEKwoYFgE1CgMGSSkAGVdVAQ8/HyEoKF0rCwMCNyQCEywkNiZyQF80AwE3DjAJHQIuChMkLikoBAMgOAYuAxZUJDU/HSAhCzUGXzMxAgkJRQMCBignDiANNTdSEC4u... Frame 6868
3 KB
2 KB
Document
General
Full URL
http://eresultedinncre.info/...
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
HTTP/1.1
Server
18.66.122.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-41.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
8134751edfa3444773ad14b2a2ffa856a21c255ce0fc88b51d00b392091dc34a

Request headers

Referer
http://lestlim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1255
Content-Type
text/html
Date
Sat, 02 Sep 2023 16:01:51 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
X-Amz-Cf-Id
lm7-d0bvvNXBnIgQ-HQ5ac7jNidvgvVg7b31SIcVvYMj6lID2ZaCxA==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
QD4BYR5zKB0AZlc9Ch4GWTRoGiN2OgJgDnI1HhQ8Vw5tCwV8CTUAEgAvESgZVTovH2Z9K2gaFXwjIB8SGQ0QCBMFPw8UElwaaWYSfDo7JxNfDR8XE248ADozAjIaHBhmFBU5EUNJPgITRC0AFwVDMi8DFnMtAj8GdxEeCzpiIAA+JFkcaBg2YxQSYQZfDR8LLnUhG...
eresultedinncre.info/VDR5WFI1Vho1bTUJG34nJlhEfWASEUseNjZVQCEmP1tMKGVmRlc7PjtBHT4gO1oNdjwxQFxqFDVlSgInMHI0PxUFdSo6FjdSOjM+JlFJEjEFBh00GhYEGwgGGng6GmpmfzwVHh5eTRMfBVw3GmABdz8aECFXLxkREmBJMwFkUysIARZ4... Frame 7218
3 KB
2 KB
Document
General
Full URL
http://eresultedinncre.info/...
Requested by
Host: dba9ytko5p72r.cloudfront.net
URL: http://dba9ytko5p72r.cloudfront.net/?tyabd=795152
Protocol
HTTP/1.1
Server
18.66.122.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-41.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
515c16ca7d2fbc8eacdb5936effcdabbb860f236a859648db0754d28e7cfb2cc

Request headers

Referer
http://lestlim.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1236
Content-Type
text/html
Date
Sat, 02 Sep 2023 16:01:51 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
IYFQ4tvRhynMW2Ube6Ko78kyt6bRqm-hryBwmu2QkxPJepV1EV4SYw==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
advertisers.js
banquetunarmedgrater.com/
0
329 B
Script
General
Full URL
http://banquetunarmedgrater.com/advertisers.js
Requested by
Host: bit.ly
URL: https://bit.ly/40GRurW
Protocol
HTTP/1.1
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://lestlim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:52 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
f1850346d923e3dd9e4970e1f6bc980d
Expires
Thu, 01 Jan 1970 00:00:01 GMT
UUd+AHpOGDxaJhhPK2ULOQYZYx4LMAp6bhwIKwh6Th4uWy9VVCpbK1VDaVQsCk97EzwYHSQIPQoQKEE4AB0gV24dE3JYJxIbI1kpTUAJAGZYV30FYB8bIVEnHwFqB3gGBmoHeFlCYQVtWzBqB3gfGyEDfE1BDRB6WAp5AWFNQH-9UOBgeKkItChkmQW1aNHoGf0ZB...
dba9ytko5p72r.cloudfront.net/FaHJPNUgLHSFTdxwbKwh/ Frame 5BC9
808 B
966 B
Script
General
Full URL
http://dba9ytko5p72r.cloudfront.net/FaHJPNUgLHSFTdxwbKwh/UUd+AHpOGDxaJhhPK2ULOQYZYx4LMAp6bhwIKwh6Th4uWy9VVCpbK1VDaVQsCk97EzwYHSQIPQoQKEE4AB0gV24dE3JYJxIbI1kpTUAJAGZYV30FYB8bIVEnHwFqB3gGBmoHeFlCYQVtWzBqB3gfGyEDfE1BDRB6WAp5AWFNQH-9UOBgeKkItChkmQW1aNHoGf0ZBeRB6WFokXTwFHmoHC01Af1khAxdqB3gPFyxeJ0FXfQUrAAAgWC1NQAkEeV5cfxt9UEZ6G3lcQmoHeBsTKVQ6AVd9c31bRWEGfk4HcgRwUEB5B3laS3cBcVpKeA0
Requested by
Host: eresultedinncre.info
URL: http://eresultedinncre.info/dlJRTjkXMDIjBhdvM2hMBD5sawswd2MIXRQzaDdNHT1kPg5EIH8tVRknNShLGTwlYFcTJnR8fzAzGQRpOAc2AnElFAUqQQEwGjlRU2AXG2wSd2MMeD4iHgl9DjMbJlEmGWMbdTkDCBRgDmYdA3gGZDMmTj8ZJiYPIjplO24PawcYegYwGn9vMjMHH0o1OWh5fAwlCAZqJxsBH1YnGRQLDTcQYSlvRGY1Cwo8Cxs2cBQbYCVJIgcQBHgxCAgYCkYUCAwBFBsHC1c+JRc/e0U1FgxUGRo0CFU1CwAYTSEoEz97RTU3CUAzFjcLCDQWAwwPIRMhe3ghFB8fcVtrBAF7ETcaJXACETklVCcFYC93Pj0WKAksEDQce0AFFyFSLgYmCHEbPRkNCUcTN39SHhMpKkg0YTYefw8qNAQJMAo3H2wEExAPXiERYABoNzkUK29DMTc2TU8HFBQPMWE9LWgbPRkrewUGGhhoQBMHKgAVYWAsayEXFihSQhoyKWsBBxQMDDRhPS9qRTETLW8GGTQPCVA4IiFXBm81HnonJgcYbxUQFAE
Protocol
HTTP/1.1
Server
18.66.188.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-100.muc50.r.cloudfront.net
Software
/
Resource Hash
9e6c906d57472a058105232ba65d777304d3f55036dd256a7a68ace453b94d32

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://eresultedinncre.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:52 GMT
Content-Encoding
gzip
Via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
579
X-Amz-Cf-Id
Nvp7s80ERRmNQvdveZndE5q71ctSBusklRb0ZzUUlbD0IIxX1-zzAw==
dFRcBnZgCxtcKDZcDEUtIDs9VRxxMSlrc2AVEld7dEcEUighXE5WKCVcWRUnIgNVB2AyEQdYezMDClQyNgkHXCRgFAkOKykbAV8qJ0RadXNoUU0Bdm4WAV0iKRYbFnR2DxwWdHZQWB12Y1IqFnR2FgFdcHJEW3FjdFEQBXJvRF-oDJzYRBFYxIwMDWjJjUy4GdXFP...
dba9ytko5p72r.cloudfront.net/jRmFoM0YlDgZVeTIIDA5/ Frame 6868
849 B
991 B
Script
General
Full URL
http://dba9ytko5p72r.cloudfront.net/jRmFoM0YlDgZVeTIIDA5/dFRcBnZgCxtcKDZcDEUtIDs9VRxxMSlrc2AVEld7dEcEUighXE5WKCVcWRUnIgNVB2AyEQdYezMDClQyNgkHXCRgFAkOKykbAV8qJ0RadXNoUU0Bdm4WAV0iKRYbFnR2DxwWdHZQWB12Y1IqFnR2FgFdcHJEW3FjdFEQBXJvRF-oDJzYRBFYxIwMDWjJjUy4GdXFPWwVjdFFAWC4yDAQWdAVEWgMqLwoNFnR2Bg1QLSlITQF2JQkaXCsjRFp1d3dXRgNoc1lcBmh3VVgWdHYSCVUnNAhNAQBzUl8ddXBHHQ53fllaBXR3U1ELcn9TUAR+
Requested by
Host: eresultedinncre.info
URL: http://eresultedinncre.info/...
Protocol
HTTP/1.1
Server
18.66.188.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-100.muc50.r.cloudfront.net
Software
/
Resource Hash
3080c11aca1d59495e49cdde620dbf017aebcf8ce6c51507e7f68ebd03476f9f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://eresultedinncre.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:52 GMT
Content-Encoding
gzip
Via
1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
604
X-Amz-Cf-Id
tttmvA7YEs7Y7uNR8wq-y_k55f7eY9WSOnzRpOI48QHdOPEDnZ3IWA==
aQ3ZudFMgGQASbDcfCklre0JcQ2dlHB0bPTNLCB82KEMLJj4KMQhNB2UCFBBucVACFT0kS0gRPSBLX1IyJxRTQHU2F1MZPDkfAhgyZkQoQX1zU1xEezQfABA8NAVLRmMtAktGY3JGQER2cDRLRmM0HwBCZ2ZFLFFhcw5YQHpmRF4VIzMaCwM2IR0HAHZxMF-tHZG1...
dba9ytko5p72r.cloudfront.net/ Frame 7218
201 B
581 B
Script
General
Full URL
http://dba9ytko5p72r.cloudfront.net/aQ3ZudFMgGQASbDcfCklre0JcQ2dlHB0bPTNLCB82KEMLJj4KMQhNB2UCFBBucVACFT0kS0gRPSBLX1IyJxRTQHU2F1MZPDkfAhgyZkQoQX1zU1xEezQfABA8NAVLRmMtAktGY3JGQER2cDRLRmM0HwBCZ2ZFLFFhcw5YQHpmRF4VIzMaCwM2IR0HAHZxMF-tHZG1FWFFhc14FHCcuGktGEGZEXhg6KBNLRmMkEw0fPGpTXEQwKwQBGTZmRChFYnVYXlpme0JbWmJ3RktGYzAXCBUhKlNcMmZwQUBHZWUDU0Vre0RYRmJxT1ZAanFOWUw
Requested by
Host: eresultedinncre.info
URL: http://eresultedinncre.info/VDR5WFI1Vho1bTUJG34nJlhEfWASEUseNjZVQCEmP1tMKGVmRlc7PjtBHT4gO1oNdjwxQFxqFDVlSgInMHI0PxUFdSo6FjdSOjM+JlFJEjEFBh00GhYEGwgGGng6GmpmfzwVHh5eTRMfBVw3GmABdz8aECFXLxkREmBJMwFkUysIARZ4IWkbLX4BCgYFfCxqFGV5IwgWP1I4MDUtbhIJPQVsSCIHZUw8PSgFUjgaE2x6OA4eBlk0LBM/QD4BYR5zKB0AZlc9Ch4GWTRoGiN2OgJgDnI1HhQ8Vw5tCwV8CTUAEgAvESgZVTovH2Z9K2gaFXwjIB8SGQ0QCBMFPw8UElwaaWYSfDo7JxNfDR8XE248ADozAjIaHBhmFBU5EUNJPgITRC0AFwVDMi8DFnMtAj8GdxEeCzpiIAA+JFkcaBg2YxQSYQZfDR8LLnUhGxABXDI0HDd5FAIlBWE7EAgDYT0NYgJGHGgADWYUEioABSMZMzpyNg8HIxITKz06REQ+OTFfTD0AOX0+PmsA
Protocol
HTTP/1.1
Server
18.66.188.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-100.muc50.r.cloudfront.net
Software
/
Resource Hash
8da445a3e2664e8b8fe55d015d4b2b09762bab325395f902e84f6da08c625ae5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://eresultedinncre.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sat, 02 Sep 2023 16:01:52 GMT
Content-Encoding
gzip
Via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
194
X-Amz-Cf-Id
83aJAkX5bFvbbUlbNTZyjwpOVg2hnCoGOHQ5LFJSahO_pWVje1nYKA==
www-player.css
www.youtube.com/s/player/0a835141/ Frame 5F64
383 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0a835141/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
9069993468a7c49cf9e9d0e93ec4ab9b8890843a0c69d414596b02dd96f180ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:23:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49307
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:54:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Sep 2024 15:23:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F64
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 08:35:58 GMT
x-content-type-options
nosniff
age
26754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 08:35:58 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F64
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:41:40 GMT
x-content-type-options
nosniff
age
339612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 17:41:40 GMT
embed.js
www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/ Frame 5F64
48 KB
15 KB
Script
General
Full URL
https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
95002e5ddf7ccd0371fbcddecf8a6751e705dbc86dc494857eb4364400372400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:33:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
289717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15292
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:54:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Aug 2024 07:33:15 GMT
www-embed-player.js
www.youtube.com/s/player/0a835141/www-embed-player.vflset/ Frame 5F64
318 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/0a835141/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
57e1a11bbbf309d5c4ebac06ba9f26224d32f9253f5a7aab19b93280b1de4ab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:14:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
2818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97433
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:54:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Sep 2024 15:14:54 GMT
base.js
www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/ Frame 5F64
2 MB
777 KB
Script
General
Full URL
https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
a179cbb9443a24dbfdac2974173e1aa05584bdbd068a23f8c6d479691710ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795086
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:54:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Aug 2024 07:33:15 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 5F64
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b8748dbc7e76b96896cbbc96ff19dc64b44a87c1ab5cfb57b3d36c6999c781a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Sep 2023 16:01:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 5F64
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:59:24 GMT
x-content-type-options
nosniff
age
149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 16:14:24 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Sep 2023 16:01:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F64
68 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
b12d6089c9ba3a9432ec23d31bd9190be8472c85518ef390c6465f4277d39104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Sep 2023 16:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31656
x-xss-protection
0
remote.js
www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/ Frame 5F64
116 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
308b53b49d2b04116a858640f11acf54ef665cc016c73c600a154d3ae6d62fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 07:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
289620
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33683
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 01:54:43 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Aug 2024 07:34:52 GMT
fVV-MN6RwrQ4B-VMAlqKh_6wLqAJCU5xhilRORsdIR0.js
www.google.com/js/th/ Frame 5F64
37 KB
15 KB
Script
General
Full URL
https://www.google.com/js/th/fVV-MN6RwrQ4B-VMAlqKh_6wLqAJCU5xhilRORsdIR0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
sffe /
Resource Hash
7d557e30de91c2b43807e54c025a8a87feb02ea009094e71862951391b1d211d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 07:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
115553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14634
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 31 Aug 2024 07:56:00 GMT
maxresdefault.jpg
i.ytimg.com/vi/BLzLBfRUVvM/ Frame 5F64
59 KB
60 KB
Image
General
Full URL
https://i.ytimg.com/vi/BLzLBfRUVvM/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEAgZSgzMA8=&rs=AOn4CLAzl-ipeYlGloOJ0Ns4UgyCkZQzxA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.246 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f22.1e100.net
Software
sffe /
Resource Hash
81ea274017a7e151b954fb5c793e28287166c3926ebaebfdd9559419e32f15ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:14:27 GMT
x-content-type-options
nosniff
age
2846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60768
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 02 Sep 2023 17:14:27 GMT
truncated
/ Frame 5F64
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
pmpvviA9rrC0JzZ9hADQ-MRMp0s426X2gJOuub9iMT83IR5DH-UwlAs2nTkQWy6jmQngQ-zk=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5F64
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/pmpvviA9rrC0JzZ9hADQ-MRMp0s426X2gJOuub9iMT83IR5DH-UwlAs2nTkQWy6jmQngQ-zk=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
fife /
Resource Hash
2598cfae08c9d144921720a66b60272b5b177815491ccb5e4321a8ca5970f28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:11:29 GMT
x-content-type-options
nosniff
age
3024
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2883
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Sep 2023 15:11:29 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F64
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7566a2f09ff8534334b7a44f72a1afaba6bdbb782209be8804636ee8b963c75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 21:19:58 GMT
x-content-type-options
nosniff
age
153714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11804
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 21:19:58 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F64
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 22:13:13 GMT
x-content-type-options
nosniff
age
323319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Aug 2024 22:13:13 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5F64
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Sep 2023 16:01:53 GMT
generate_204
www.youtube.com/ Frame 5F64
0
40 B
Image
General
Full URL
https://www.youtube.com/generate_204?XWfdMQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/BLzLBfRUVvM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:01:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Sep 2023 16:01:53 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5F64
90 B
181 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/player_ias.vflset/pl_PL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
d72b65ef7e69d335be166d507db2e7c8b103f071a1cd1f154556b4707f8f8bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Sep 2023 16:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 5F64
28 B
342 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0a835141/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
X-Goog-Request-Time
1693670515356
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/BLzLBfRUVvM
X-YouTube-Client-Version
1.20230829.01.00
X-YouTube-Time-Zone
Europe/Warsaw
X-Goog-Visitor-Id
CgtKd1pQMWVQZi1hMCjwuM2nBjIGCgJQTBIA
X-YouTube-Ad-Signals
dt=1693670512390&flash=0&frm=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C860%2C484&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 02 Sep 2023 16:01:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 02 Sep 2023 16:01:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
st.chatango.com
URL
http://st.chatango.com/js/gz/emb.js

Verdicts & Comments

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
number| LAST_CORRECT_EVENT_TIME
object| utr_795152
number| userTrackingInterval
number| _3367110136
object| utr_925450
number| _1840117342
function| s3ii
function| P7Q
boolean| DEBUG_MODE
boolean| ENABLE_LOGS
boolean| ENABLE_ONLINE_DEBUGGER
boolean| SUPPORT_IE8
boolean| MOBILE_VERSION
boolean| EXTERNAL_POLYFILL
boolean| SEND_PIXELS
boolean| IS_POP_COIN
boolean| PIXEL_LOG_LEVEL_INFO
boolean| PIXEL_LOG_LEVEL_DEBUG
boolean| PIXEL_LOG_LEVEL_WARNING
boolean| PIXEL_LOG_LEVEL_ERROR
boolean| PIXEL_LOG_LEVEL_METRICS
function| G2tt
function| a0b
function| a0a
object| LieDetector
object| AaDetector
object| mm
function| $
function| jQuery
function| gtag
object| dataLayer
number| iinf

6 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 1882621298492878@1@1693670511
professionalswebcheck.com/ Name: uid_id2
Value: 8490cc77-625d-493f-bdc5-cabba6ca7fae:1:1
lestlim.xyz/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 8490cc77-625d-493f-bdc5-cabba6ca7fae%3A1%3A1
.youtube.com/ Name: YSC
Value: -4we898TK_g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: JwZP1ePf-a0
lestlim.xyz/ Name: ppu_main_f279abe142e8d5d32f3a006f34f99032
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: http://lestlim.xyz/di.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://addresseepaper.com/sfp.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7WNcJW_Yoqkow7lPeBhuMtKJj1jIn0ctvnU30GGQZ-XLUi-J-3MLYx6Bo1hDoe2aPOr96keww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1476471992%3A1693670512272704&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AXo7B7Vvmqc8MGhIXInPtlCHe_s9abf5b1fnYkM28fmHUXMxpyMeCB-9Cmg7Rgm9uX287sXQSFGAVQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1644817508%3A1693670512320082&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: http://st.chatango.com/js/gz/emb.js
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
