urlscan.io logo urlscan.io
SecurityTrails logo

aliveafterthefall.com Open in urlscan Pro
192.241.142.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/
Effective URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Submission: On March 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 40 HTTP transactions. The main IP is 192.241.142.79, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is aliveafterthefall.com.
TLS certificate: Issued by R3 on January 17th 2021. Valid for: 3 months.
This is the only time aliveafterthefall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    34.215.57.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-57-22.us-west-2.compute.amazonaws.com
b3801xeuozakez5zzf6zk2na15.hop.clickbank.net
8    192.241.142.79 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
aliveafterthefall.com
2    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    54.203.38.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-38-120.us-west-2.compute.amazonaws.com
cbtb.clickbank.net
10    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.216.162.83 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
miscx-resources.s3.amazonaws.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
static.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
4    143.204.90.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-90-126.fra50.r.cloudfront.net
prod.cbstatic.net
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
seal-boise.bbb.org
Domain Requested by
10 www.youtube.com aliveafterthefall.com
www.youtube.com
8 aliveafterthefall.com 1 redirects aliveafterthefall.com
4 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
4 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google-analytics.com aliveafterthefall.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com aliveafterthefall.com
2 b3801xeuozakez5zzf6zk2na15.hop.clickbank.net 2 redirects
1 seal-boise.bbb.org
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 miscx-resources.s3.amazonaws.com aliveafterthefall.com
1 cbtb.clickbank.net aliveafterthefall.com
1 fonts.googleapis.com aliveafterthefall.com
1 cdnjs.cloudflare.com aliveafterthefall.com
1 ajax.googleapis.com aliveafterthefall.com
40 18

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
aatf.alivefall.pay.clickbank.net
Subject Issuer Validity Valid
aliveafterthefall.com
R3		 2021-01-17 -
2021-04-17		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.clickbank.net
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.cbstatic.net
Amazon		 2020-10-16 -
2021-11-15		 a year crt.sh
*.bbb.org
GeoTrust RSA CA 2018		 2020-05-15 -
2022-07-03		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Frame ID: 000F085EE41592164D2838F42CF524F3
Requests: 27 HTTP requests in this frame

Frame: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Frame ID: BBE5676190BB22F89D7F71D718826A42
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/ HTTP 301
    http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Faliveafterthefall.com%2Ftraffic.php%3Fhop%3D31... HTTP 301
    https://aliveafterthefall.com/traffic.php?hop=314ld HTTP 302
    https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

18
Subdomains

18
IPs

4
Countries

2602 kB
Transfer

3459 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/ HTTP 301
    http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Faliveafterthefall.com%2Ftraffic.php%3Fhop%3D314ld&hstr=1614869168770%7C314ld%7C%7C5f91d691-908d-4c2c-b7d2-9517c48f4253%7C%7Calivefall&code=%7B7%7D&key=4B55B513&parms=&s=default&ds=2&ts=01.B47D3565DF6DBD3455A461D9D5D23E4717869971 HTTP 301
    https://aliveafterthefall.com/traffic.php?hop=314ld HTTP 302
    https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set front-ctrl.php
aliveafterthefall.com/nht_v57/
Redirect Chain
  • http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/
  • http://b3801xeuozakez5zzf6zk2na15.hop.clickbank.net/hop/?CBRehoppp2=https%3A%2F%2Faliveafterthefall.com%2Ftraffic.php%3Fhop%3D314ld&hstr=1614869168770%7C314ld%7C%7C5f91d691-908d-4c2c-b7d2-9517c48f4...
  • https://aliveafterthefall.com/traffic.php?hop=314ld
  • https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
69f6d257eb0a429800304b57c6d8f36f5ffd0b6138b1d0fd9e76e4e5c8a495da

Request headers

Host
aliveafterthefall.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Thu, 04 Mar 2021 14:46:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
visitor_id=DuOx1691YkFH; path=/; domain=aliveafterthefall.com
Content-Encoding
gzip

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Thu, 04 Mar 2021 14:46:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:50:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586536
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Feb 2022 19:50:33 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9538
ouibounce.min.js
cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ouibounce/0.0.12/ouibounce.min.js
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4126822
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
665
cf-request-id
089f4d1d8c0000175e6984b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f3f-658"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=snrjlB14Xmw7A1CBLBjoltO5S1g25jTzT0hBBNvx8%2FxAT%2FrxEfOyZTiO5vOjVwvWNZ1OMq%2F3hV47ekI0d2PQZz5esmpmi7im%2F%2Fgqb9gzDa1hA0ll0HiYGq%2BHFtoZsONm0A%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62abe475af99175e-FRA
expires
Tue, 22 Feb 2022 14:46:09 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ab0e41b80b76060e4190899cc7463aa8f4dadaba3d84c6d8523734ee6fbf1ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:38:39 GMT
server
ESF
date
Thu, 04 Mar 2021 14:46:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Mar 2021 14:46:09 GMT
style.css
aliveafterthefall.com/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aliveafterthefall.com/css/style.css
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
db95b45954e286bc8793de56a87737a93f6edf98196acd3d50e1c63d44c5ed54

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Last-Modified
Fri, 05 Jun 2020 11:33:45 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5eda2d99-178f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6031
ouibounce-red.css
aliveafterthefall.com/css/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aliveafterthefall.com/css/ouibounce-red.css
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
99ea83af5dae2efb62eb1351067f1a970548d614f5aa0ee540f0b7e2f033a7ab

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Last-Modified
Tue, 30 Jun 2020 13:29:19 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5efb3e2f-151c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5404
loading1.gif
aliveafterthefall.com/nht_v57/images/ 		580 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliveafterthefall.com/nht_v57/images/loading1.gif
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
aatf-ctrl2-default.png
aliveafterthefall.com/nht_v57/images/ 		173 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliveafterthefall.com/nht_v57/images/aatf-ctrl2-default.png
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e49cb95af9f60f84b606b6ff4eee2d785c5e125991a9183bfed5d76414e3dd82

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Last-Modified
Tue, 16 Jun 2020 13:27:43 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5ee8c8cf-2b5ee"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
177646
pop-close-button.png
aliveafterthefall.com/nht_v57/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliveafterthefall.com/nht_v57/images/pop-close-button.png
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d10901ea5c96ebc05e98acdf698323f5bef3dce0e0d054ae729d88fa1e675288

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Last-Modified
Tue, 16 Jun 2020 13:28:09 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5ee8c8e9-3bb0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15280
/
cbtb.clickbank.net/ 		937 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbtb.clickbank.net/?vendor=alivefall
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.38.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-38-120.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
65d4062ed1735ab369ee4d463a15ad345616ca58adf0c822584a1a10eb2ccd01

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:10 GMT
cache-control
max-age=900
server
Apache
content-length
937
content-type
text/javascript;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7420197422531b5fa087bf4b901a11acf3c83aa6377feed425bd47ae95d12b3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
iframe_api
www.youtube.com/ 		810 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:46:09 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2613
date
Thu, 04 Mar 2021 14:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 04 Mar 2021 16:02:36 GMT
aatf_bg1.jpg
aliveafterthefall.com/nht_v50/images/ 		212 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliveafterthefall.com/nht_v50/images/aatf_bg1.jpg
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.241.142.79 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2efb84572d761ce22cc68bd559a6360e128608e681d90e065c87866e5e70d298

Request headers

Referer
https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:09 GMT
Last-Modified
Wed, 17 Jan 2018 13:47:08 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5a5f53dc-35072"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217202
6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18S0xR41.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18S0xR41.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b90bddaa859eeeff46ee20815774c407611aeb85de431d919cb8e50f18a4d693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://aliveafterthefall.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 25 Feb 2021 19:41:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
age
587082
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12628
x-xss-protection
0
expires
Fri, 25 Feb 2022 19:41:27 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://aliveafterthefall.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:56:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:14 GMT
server
sffe
age
85800
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13324
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:56:09 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,400italic,700italic
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://aliveafterthefall.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 14:22:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
age
519804
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12976
x-xss-protection
0
expires
Sat, 26 Feb 2022 14:22:45 GMT
www-widgetapi.js
www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 04:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
38495
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38396
x-xss-protection
0
expires
Fri, 04 Mar 2022 04:04:34 GMT
collect
www.google-analytics.com/j/ 		2 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=212822405&t=pageview&_s=1&dl=https%3A%2F%2Faliveafterthefall.com%2Fnht_v57%2Ffront-ctrl.php%3Fparam1%3Dnht_v57%26hop%3D314ld&ul=en-us&de=UTF-8&dt=Alive%20After%20the%20Fall&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=249802025&gjid=1082398597&cid=1391015502.1614869170&tid=UA-73564542-6&_gid=471459964.1614869170&_r=1&_slc=1&z=1570804181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Mar 2021 14:46:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aliveafterthefall.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
thumb_va.jpg
miscx-resources.s3.amazonaws.com/videos/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://miscx-resources.s3.amazonaws.com/videos/thumb_va.jpg
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.162.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
8d21dee492e74d8ecb27f4f91addcc18e8fd4a94533ac5a7336113935de2c8b6

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 14:46:11 GMT
Last-Modified
Wed, 09 May 2018 13:08:25 GMT
Server
AmazonS3
x-amz-request-id
XMY1675K9FYQV45G
ETag
"cdb98d2ef254f3ed4fba2355b63d5659"
Content-Type
image/jpeg
x-amz-version-id
null
Accept-Ranges
bytes
Content-Length
125613
x-amz-id-2
a3BeVOZtt+rRMtPVxhHPEbXn1/1Jssv12JkvPtrgaQjUMQoRY8qr7XSGzQmdMsEQA/HeF87Jizc=
KHjNafreDX0
www.youtube.com/embed/ Frame BBE5 		51 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dae33e1cc23e47cc4ff84258a77637a84d9b9dfc2d8ca69876eba458405f698a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aliveafterthefall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=KtPW2O-cUSY; VISITOR_INFO1_LIVE=F-MdoucWmbY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://aliveafterthefall.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 04 Mar 2021 14:46:09 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+037; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/0d54190b/ Frame BBE5 		340 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 11:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
11767
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52174
x-xss-protection
0
expires
Fri, 04 Mar 2022 11:30:02 GMT
www-embed-player.js
www.youtube.com/s/player/0d54190b/www-embed-player.vflset/ Frame BBE5 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2545a8e726304bbcce185eec7a251329f281cdf72dc4b453031e9ba12ae94d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
169223
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58559
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:45:46 GMT
base.js
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame BBE5 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5aacbe59e92cf2bbb057f91f63582dc32bdca7d3c4c182be06c69b5f4d7e0cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 22:11:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
59683
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1601684
x-xss-protection
0
expires
Thu, 03 Mar 2022 22:11:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/0d54190b/fetch-polyfill.vflset/ Frame BBE5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
169223
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:45:46 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BBE5 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 22:24:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
58880
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Thu, 03 Mar 2022 22:24:49 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BBE5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6118402283990938182f9f790af3d9a812d5d27a59e256a1002d9c85f2607e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 04 Mar 2021 14:46:10 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BBE5 		29 B
177 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:45:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
40
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 04 Mar 2021 15:00:30 GMT
gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
www.google.com/js/bg/ Frame BBE5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 10:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
14746
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6234
x-xss-protection
0
expires
Fri, 04 Mar 2022 10:40:24 GMT
embed.js
www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/ Frame BBE5 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4be458dd03e4695e9971cc1bd5971c418fa5921684a2654e1f855bf15cdf0bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Mar 2021 15:52:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 01:37:23 GMT
server
sffe
age
168839
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30190
x-xss-protection
0
expires
Wed, 02 Mar 2022 15:52:11 GMT
truncated
/ Frame BBE5 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnge3uphWQyfWUr7KUKfTTYXehAfgwMmdLTgBg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame BBE5 		994 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnge3uphWQyfWUr7KUKfTTYXehAfgwMmdLTgBg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
71108b4a089f8ca1ddbffd787a2177f5d6d1d7267133dccd027f3941eaf03609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:16:00 GMT
x-content-type-options
nosniff
server
fife
age
1810
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
994
x-xss-protection
0
expires
Fri, 05 Mar 2021 14:16:00 GMT
maxresdefault.jpg
i.ytimg.com/vi/KHjNafreDX0/ Frame BBE5 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/KHjNafreDX0/maxresdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae7e6d438421205652b2ede97bd748e07edc517f02f75b36b2e6e8cad934e4c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:31:43 GMT
x-content-type-options
nosniff
server
sffe
age
867
etag
"1588684656"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82825
x-xss-protection
0
expires
Thu, 04 Mar 2021 16:31:43 GMT
injectable.js
prod.cbstatic.net/dist/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=alivefall
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-126.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:11 GMT
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
x-amz-cf-id
5FtPEUvzYoWAXBWj2NgCxmbjqUkVjbGKIqX8niJMg6QegcSMJ4r0Wg==
generate_204
www.youtube.com/ Frame BBE5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?uk2flg
Requested by
Host: aliveafterthefall.com
URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:10 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
app-strings-en.json
prod.cbstatic.net/dist/i18n/ 		9 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-126.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:12 GMT
via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
content-type
application/json
content-length
9
x-amz-cf-id
U0ipqPYAUaiL2sLJEEBmhH3IR4ozM1C1A6mzwCNEJt52k4JBIJLPqQ==
logo-header-white-en.png
prod.cbstatic.net/dist/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-white-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-126.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:12 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"c5cd3bf3708ca18dc29907bca5361917"
x-cache
Miss from cloudfront
x-amz-version-id
MDOIjhR_M6jNbjX8RkIPq2C7ONOX6nUv
content-type
image/png
content-length
3010
x-amz-cf-id
R1FHpX4XK6Dq5e2ye4bFbH4pbUrBv7O2Fw1gTZmLL3kfRzabmJsT0Q==
logo-tab-white-en.png
prod.cbstatic.net/dist/assets/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-white-en.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.90.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-90-126.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:11 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"dc81e32fb5cefc7eb584522b0e2b6c2f"
x-cache
Miss from cloudfront
x-amz-version-id
cNeRH7m7.WywkvAuxfTwU5dXD8BBTjq_
content-type
image/png
content-length
3779
x-amz-cf-id
UNHSksEvgKOTn238UuhFjYPCYMoQNOdXLsLavZQFnPAZGnA28ht7QA==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
2fb7599780471e8352d1be9de3310547427d5e0d7807aab7e22228601c9044c0

Request headers

Referer
https://aliveafterthefall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:46:10 GMT
last-modified
Mon, 01 Mar 2021 09:09:54 GMT
server
keycdn-engine
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-shield
active
content-length
4284
expires
Thu, 04 Mar 2021 18:46:10 GMT
log_event
www.youtube.com/youtubei/v1/ Frame BBE5 		28 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0d54190b/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KHjNafreDX0?html5=1&enablejsapi=1&autoplay=0&controls=0&fs=0&rel=0&showinfo=0&modestbranding=1&origin=https%3A%2F%2Faliveafterthefall.com&widgetid=1
X-YouTube-Client-Version
1.20210301.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtGLU1kb3VjV21iWSix5YOCBg%3D%3D
X-YouTube-Ad-Signals
dt=1614869169962&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C850%2C598&vis=1&wgl=true&ca_type=image&bid=ANyPxKpvEDFkhM8XLBWk1OblwVzniTc3FrrP1SeBoQ7lBQ_1NSckXe7frtjOErygJ4wSA2LwD6vvVNDR7axNraEv6aANaOEQ5w

Response headers

date
Thu, 04 Mar 2021 14:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 04 Mar 2021 14:46:20 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| jQuery1111047081285207767376 function| ouibounce string| control_val object| player function| downloadYTAPI function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange function| resizeVideo function| checkmouseout function| hideThumbnail function| showThumbnail function| playerMouseOver function| playerMouseOut function| cname function| elementID function| clickThumbnail undefined| vplayer object| _ouibounce function| show_buy_button function| register_click function| hasClass function| alert_user string| GoogleAnalyticsObject function| ga string| scriptUrl object| YT object| YTConfig function| onYTReady object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld(Line 192)
Message:
READY!
console-api log URL: https://aliveafterthefall.com/nht_v57/front-ctrl.php?param1=nht_v57&hop=314ld(Line 263)
Message:
5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
aliveafterthefall.com
b3801xeuozakez5zzf6zk2na15.hop.clickbank.net
cbtb.clickbank.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
maxcdn.bootstrapcdn.com
miscx-resources.s3.amazonaws.com
prod.cbstatic.net
seal-boise.bbb.org
static.doubleclick.net
www.google-analytics.com
www.google.com
www.youtube.com
yt3.ggpht.com
142.250.185.70
143.204.90.126
192.241.142.79
2001:4de0:ac19::1:b:3b
2606:4700::6810:135e
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a0b:4d07:101::1
34.215.57.22
52.216.162.83
54.203.38.120
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
0ab0e41b80b76060e4190899cc7463aa8f4dadaba3d84c6d8523734ee6fbf1ea
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1d960062424eec119eaf55c137f7dad6e793ae42360e0b5ed9f7d23f00801865
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac
2545a8e726304bbcce185eec7a251329f281cdf72dc4b453031e9ba12ae94d9b
2efb84572d761ce22cc68bd559a6360e128608e681d90e065c87866e5e70d298
2fb7599780471e8352d1be9de3310547427d5e0d7807aab7e22228601c9044c0
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4be458dd03e4695e9971cc1bd5971c418fa5921684a2654e1f855bf15cdf0bed
4f0096bdfd5ee9660448f45c4dbe4060d184c4e0bd353b01a8f27a8ae3180b09
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5aacbe59e92cf2bbb057f91f63582dc32bdca7d3c4c182be06c69b5f4d7e0cac
6118402283990938182f9f790af3d9a812d5d27a59e256a1002d9c85f2607e85
65d4062ed1735ab369ee4d463a15ad345616ca58adf0c822584a1a10eb2ccd01
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69f6d257eb0a429800304b57c6d8f36f5ffd0b6138b1d0fd9e76e4e5c8a495da
71108b4a089f8ca1ddbffd787a2177f5d6d1d7267133dccd027f3941eaf03609
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
8d21dee492e74d8ecb27f4f91addcc18e8fd4a94533ac5a7336113935de2c8b6
99ea83af5dae2efb62eb1351067f1a970548d614f5aa0ee540f0b7e2f033a7ab
9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ae7e6d438421205652b2ede97bd748e07edc517f02f75b36b2e6e8cad934e4c9
b74c3b8c5f786bcc4aa29f55ca0b178a0e2b5fcc6da3057a121bececc1b572ea
b90bddaa859eeeff46ee20815774c407611aeb85de431d919cb8e50f18a4d693
c7420197422531b5fa087bf4b901a11acf3c83aa6377feed425bd47ae95d12b3
cbe0caad9e694346ebc2e2cc991047f92dd8ae4fb06c87e4d002ea6c3b9a27bb
d10901ea5c96ebc05e98acdf698323f5bef3dce0e0d054ae729d88fa1e675288
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dae33e1cc23e47cc4ff84258a77637a84d9b9dfc2d8ca69876eba458405f698a
db95b45954e286bc8793de56a87737a93f6edf98196acd3d50e1c63d44c5ed54
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49cb95af9f60f84b606b6ff4eee2d785c5e125991a9183bfed5d76414e3dd82
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f