URL: https://postconsrytsaddbul.tk/
Submission: On November 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3036::6815:5e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is postconsrytsaddbul.tk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 25th 2021. Valid for: a year.
This is the only time postconsrytsaddbul.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 142.250.186.163 15169 (GOOGLE)
19 8
Domain Requested by
7 www.youtube.com postconsrytsaddbul.tk
www.youtube.com
4 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
1 www.cdc.gov postconsrytsaddbul.tk
1 espana-eunic.eu postconsrytsaddbul.tk
1 m.media-amazon.com postconsrytsaddbul.tk
1 fonts.googleapis.com postconsrytsaddbul.tk
1 postconsrytsaddbul.tk
19 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-11-25 -
2022-11-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2
2021-08-09 -
2022-07-24
a year crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.cdc.gov
GeoTrust RSA CA 2018
2021-10-23 -
2022-10-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh

This page contains 3 frames:

Primary Page: https://postconsrytsaddbul.tk/
Frame ID: 8705B521B2C7D48225DA1E38B25C4D21
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/w7Ljqw3UZEY
Frame ID: 3059166C2E67AF7ADD9254301C7E9443
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/291GL5NAB7g
Frame ID: 8EF21FC8F8B952E987527D659E549AD6
Requests: 6 HTTP requests in this frame

Screenshot

Page Title

Ellas son las 20 mujeres más ricas de EEUU, según Forbes

Page Statistics

19
Requests

84 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

562 kB
Transfer

1626 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
postconsrytsaddbul.tk/
66 KB
23 KB
Document
General
Full URL
https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:5e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74e05aeb46268f72e3345533157219cefc2bf7c52aa80b09160529592768cb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 25 Nov 2021 00:45:21 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9yF2pdsfRD%2B%2FjApsslCKyYneVVY50LH942f%2B367i4F2EjjmE%2B%2Fl0EbRdsiOi5AqMsX04bhmnfDN1OmCa7zWHgNb6%2BcpjYE4zTWZIIfcqWniJSoam05r3VVMNZg4Fe4vw93pTDsqnjWzHzWuOcMWiu2WpIo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b36da91d8666983-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db65b6dc8f89c8b766feed64ee54961c71e3cf90bb653c8a2a09efa356a92d43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 23:50:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Nov 2021 00:45:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Nov 2021 00:45:21 GMT
MV5BMDU2OTJiM2UtNzhlNC00YWQzLWFhZmMtZjFjNzliYzNjZDY2XkEyXkFqcGdeQXVyMTYwMzUwMzk@._V1_UY1200_CR108,0,630,1200_AL_.jpg
m.media-amazon.com/images/M/
119 KB
119 KB
Image
General
Full URL
https://m.media-amazon.com/images/M/MV5BMDU2OTJiM2UtNzhlNC00YWQzLWFhZmMtZjFjNzliYzNjZDY2XkEyXkFqcGdeQXVyMTYwMzUwMzk@._V1_UY1200_CR108,0,630,1200_AL_.jpg
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4108ca9da399c97c5cd0cfe35d2fa3b7d0c3dc24fcd3772b1791ef354eadf5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 00:45:21 GMT
last-modified
Fri, 03 Mar 2017 21:28:19 GMT
age
0
x-cache
MISS from fastly, MISS from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
expires
Sun, 17 Nov 2041 12:04:18 GMT
cache-control
max-age=630720000,public
x-amz-ir-id
a7c989b1-90cf-485d-864f-ce17a51361e0
accept-ranges
bytes
content-type
image/jpeg
content-length
121438
x-served-by
cache-dca17774-DCA, cache-hhn4054-HHN
0a0afa500597c76d41eed361060b0b07.jpg
espana-eunic.eu/wp-content/uploads/2020/08/
101 KB
102 KB
Image
General
Full URL
https://espana-eunic.eu/wp-content/uploads/2020/08/0a0afa500597c76d41eed361060b0b07.jpg
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1c7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
d65e9ff4af68656bfaffc8468384f2f97a74e646eb3236ce96d4d062a144d1a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 00:45:22 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Nov 2021 00:45:22 GMT
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bls4DuKiXvQuB00f98G0vzVoq2tkDiLAXmsSKb2X3ysKwF9XJl4xW3G4Hqv3bro%2FhtKljL%2BQtxRcW50mh6yKfz2GCmONw7lWgrXWhGmhfHMxm%2Bu4ncyc4MBHa8vv1rtjy%2FbuGoVgl2kWhwsoDv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b36da928aac5b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
w7Ljqw3UZEY
www.youtube.com/embed/ Frame 3059
60 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/w7Ljqw3UZEY
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50aad86615366e062e46b159d2cd7e5943801fe392c202c659d97b534fbd1fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 25 Nov 2021 00:45:21 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
291GL5NAB7g
www.youtube.com/embed/ Frame 8EF2
59 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/291GL5NAB7g
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9893024c9151371b3acfd8cbb39cc38c38b7e825a6695b53ee22044144ee1433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 25 Nov 2021 00:45:21 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cdc-hiv-ethnicity-2-es-552x500.png
www.cdc.gov/hiv/spanish/images/statistics/overview/
60 KB
60 KB
Image
General
Full URL
https://www.cdc.gov/hiv/spanish/images/statistics/overview/cdc-hiv-ethnicity-2-es-552x500.png
Requested by
Host: postconsrytsaddbul.tk
URL: https://postconsrytsaddbul.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::2461 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e34fb5504eb10ba8e799c74b97dd00a3fff1d335a225827140afc8c272e7b6d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://postconsrytsaddbul.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 00:45:21 GMT
last-modified
Wed, 10 Jun 2020 18:36:29 GMT
server
Microsoft-IIS/10.0
etag
"e9b56fe563fd61:0"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
srv
3
content-length
61255
x-ua-compatible
IE=edge
www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame 8EF2
336 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/291GL5NAB7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/291GL5NAB7g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
117770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47200
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 23 Nov 2022 16:02:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8EF2
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/291GL5NAB7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
113921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame 8EF2
92 KB
0
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/291GL5NAB7g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/291GL5NAB7g
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
44775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71977
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Nov 2022 12:19:07 GMT
base.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame 8EF2
0
0

fetch-polyfill.js
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame 8EF2
0
0

www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame 3059
0
0

KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3059
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/w7Ljqw3UZEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
113921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame 3059
215 KB
70 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/w7Ljqw3UZEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/w7Ljqw3UZEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
44775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71977
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Nov 2022 12:19:07 GMT
base.js
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame 3059
417 KB
0
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/w7Ljqw3UZEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/w7Ljqw3UZEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 16:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
117771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535067
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 23 Nov 2022 16:02:31 GMT
fetch-polyfill.js
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame 3059
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/w7Ljqw3UZEY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/w7Ljqw3UZEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 12:19:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
44777
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Tue, 23 Nov 2021 14:49:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 24 Nov 2022 12:19:05 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://postconsrytsaddbul.tk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:21:57 GMT
x-content-type-options
nosniff
age
473005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27240
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:06:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:21:57 GMT
jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v7/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
a1bfa93165e5e460e37883ea167cdf8b99b7c618f45019b43b00fa102474ab74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://postconsrytsaddbul.tk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 14:08:17 GMT
x-content-type-options
nosniff
age
124625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30536
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:05:32 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 23 Nov 2022 14:08:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/10df06bb/www-player-webp.css

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

3 Cookies

Domain/Path Name / Value
postconsrytsaddbul.tk/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: BhO6P4Pw3xc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: tsCxG7j8vK0