road.niatorsogalizeb.tk Open in urlscan Pro
2606:4700:3036::ac43:8521 Public Scan

URL:
http://road.niatorsogalizeb.tk/
Submission: On March 16 via api (March 16th 2021, 9:55:43 pm UTC) from BR

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3036::ac43:8521, located in United States and belongs to CLOUDFLARENET, US. The main domain is road.niatorsogalizeb.tk.

This is the only time road.niatorsogalizeb.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::ac43:8521	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:196::19fe	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
24	14

1 2606:4700:3036::ac43:8521 (United States)

ASN13335 (CLOUDFLARENET, US)

road.niatorsogalizeb.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:196::19fe (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images-americanas.b2w.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com	678 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	62 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	672 B
1	ytimg.com i.ytimg.com	51 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	google.com www.google.com	6 KB
1	b2w.io images-americanas.b2w.io	91 KB
1	cloudflare.com cdnjs.cloudflare.com	18 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	niatorsogalizeb.tk road.niatorsogalizeb.tk	7 KB
24	10

	Domain	Requested by
9	www.youtube.com	road.niatorsogalizeb.tk www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	images-americanas.b2w.io	road.niatorsogalizeb.tk
1	cdnjs.cloudflare.com	road.niatorsogalizeb.tk
1	fonts.googleapis.com	road.niatorsogalizeb.tk
1	road.niatorsogalizeb.tk
24	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
b2wdigital.com DigiCert SHA2 Secure Server CA	`2021-02-02` - `2022-02-06`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://road.niatorsogalizeb.tk/
Frame ID: 055A751EDE1B767BE3B2AFDB4C193435
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EHPAKqSf_g8
Frame ID: EAEEC48D91305FB472B9E1B627B31DF3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

24
Requests

75 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

14
IPs

2
Countries

919 kB
Transfer

2689 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

Request Chain 13

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
road.niatorsogalizeb.tk/ 17 KB
7 KB 5328ms
5304ms Document
text/html 2606:4700:3036::ac43:8521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://road.niatorsogalizeb.tk/
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:8521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cc343c1bd3bd3527e49548d2604ecb94c63b2e0bfd47bf9932533cc7e6c890

Request headers

Host: road.niatorsogalizeb.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 21:55:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dc1ffec99483fb44a5790a0c7e98ea5f91615931722; expires=Thu, 15-Apr-21 21:55:22 GMT; path=/; domain=.niatorsogalizeb.tk; HttpOnly; SameSite=Lax ch1c=b
CF-Cache-Status: DYNAMIC
cf-request-id: 08dea261a3000005d0a92cd000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nKSHU3g8az2mSZE3NJqplyYq27tKIBfIPnbo5bxgXJkPVEa%2FiK5vCXkCfk1pRKp5We3uv5Te4L6e6K8cAHrXGY1IJx1tJ%2BmXWtVnt9AU0gXZl9qWkGc5TL2SZJLAJzgCvQ1XtA%3D%3D"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 631139af6b3d05d0-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK css
fonts.googleapis.com/ 38 KB
2 KB 23ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i

Requested by

Host: road.niatorsogalizeb.tk
URL: http://road.niatorsogalizeb.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d32044294e568c03a11e43a06eaabc3e23a5ebbe55c4d322c907015dc97f014a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://road.niatorsogalizeb.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 21:55:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Mar 2021 21:55:27 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 16 Mar 2021 21:55:27 GMT

GET
H2

200

bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

157 KB
18 KB

16ms
16ms

Stylesheet
text/css

2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: road.niatorsogalizeb.tk
URL: http://road.niatorsogalizeb.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://road.niatorsogalizeb.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2334766
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17550
cf-request-id: 08dea2766500004de82aaa9000000001
timing-allow-origin: *
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f2c377f-2722e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pU90Q9hNGEuB3R6VsFAcngX6KmVQ2oZebP%2BRGbjOc9gmkPNORosVGAt9Jxfy3X4gqPvhG5qVzEJWXTSCKNQB4O6NES12M8gCpoBd91tIubi7UuDqNg4rO9pPioJ9vih5Dw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 631139d0afb74de8-FRA
expires: Sun, 06 Mar 2022 21:55:27 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://road.niatorsogalizeb.tk

GET
H2 200 97708665_1_large.jpg
images-americanas.b2w.io/produtos/97708665/imagens/anti-perdidos-safe-kids-gps-tracker-sos-chamada-gsm-relogio-inteligente-telefone-para-ios-android/ 89 KB
91 KB 150ms
133ms Image
image/webp 2a02:26f0:1700:196::19fe
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-americanas.b2w.io/produtos/97708665/imagens/anti-perdidos-safe-kids-gps-tracker-sos-chamada-gsm-relogio-inteligente-telefone-para-ios-android/97708665_1_large.jpg
Requested by: Host: road.niatorsogalizeb.tk
URL: http://road.niatorsogalizeb.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:196::19fe Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: BIS /
Resource Hash: fc9d3feb3ba6600fc77c3c53be8785eee3e0fc972840af98bac277451a72c5ec

Request headers

Referer: http://road.niatorsogalizeb.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 12
date: Tue, 16 Mar 2021 21:55:27 GMT
x-edgeconnect-midmile-rtt: 79
content-disposition: inline; filename="97708665_1.webp"
content-length: 91484
x-request-id: eCHxOEeBT1WEyZbhdCZer
server: BIS
etag: 250e23ece1e0fb496bbaf9d0de9d17937ea8af86bb6d95b03f8f4d6d76ac8411
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control: public, max-age=604800
warning: 35470
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires: Tue, 23 Mar 2021 21:55:27 GMT

GET
H2 200 EHPAKqSf_g8 Show response
www.youtube.com/embed/ Frame EAEE 51 KB
21 KB 45ms
44ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EHPAKqSf_g8

Requested by

Host: road.niatorsogalizeb.tk
URL: http://road.niatorsogalizeb.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7accc6a31a3a05ec5b1112680ccb6755f31577891d82e4d78c9dd9d4801168be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/EHPAKqSf_g8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://road.niatorsogalizeb.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://road.niatorsogalizeb.tk/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Mar 2021 21:55:27 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=aL592vm8dAk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=rRMuW4tfSN8; Domain=.youtube.com; Expires=Sun, 12-Sep-2021 21:55:27 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+240; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Poppins%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7COpen%20Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://road.niatorsogalizeb.tk
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 10 Mar 2021 20:35:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:22 GMT
Server: sffe
Age: 523196
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14380
X-XSS-Protection: 0
Expires: Thu, 10 Mar 2022 20:35:31 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://road.niatorsogalizeb.tk
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 02:29:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:01:55 GMT
Server: sffe
Age: 415586
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7776
X-XSS-Protection: 0
Expires: Sat, 12 Mar 2022 02:29:01 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://road.niatorsogalizeb.tk
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 19:41:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:47 GMT
Server: sffe
Age: 440041
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14880
X-XSS-Protection: 0
Expires: Fri, 11 Mar 2022 19:41:26 GMT

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://road.niatorsogalizeb.tk
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Mar 2021 03:18:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 05 Nov 2020 22:01:48 GMT
Server: sffe
Age: 499015
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 7832
X-XSS-Protection: 0
Expires: Fri, 11 Mar 2022 03:18:32 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/b2e56c01/ Frame EAEE 341 KB
51 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108587
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52229
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:45:40 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/ Frame EAEE 161 KB
58 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e82bd8f567840279d47dc169ac57460b3195b6e9d8c138964534620fcbdce6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108587
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59637
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:45:40 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame EAEE 2 MB
505 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec9dc99e8e7db9c1048749c68a76e2738e2a60ffa59dc79bad31f8f6eab5bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108555
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 517196
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:46:12 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/b2e56c01/fetch-polyfill.vflset/ Frame EAEE 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:45:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108585
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:45:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EAEE 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 440042
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EAEE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
321 B

39ms
39ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e245e53e821d6f3427736fd5effd59fd62d603fcf85b5a828ed6900ef87b04f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Mar 2021 21:55:27 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EAEE 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 863
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 16 Mar 2021 21:56:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame EAEE 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4265eaa975ba51f71d28969829a092f38c84dd0ad29ded35534eefe503db5d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108554
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32719
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:46:13 GMT

GET
H2 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
www.google.com/js/bg/ Frame EAEE 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 19:38:00 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 181047
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Mon, 14 Mar 2022 19:38:00 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame EAEE 23 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d61ca3e7e8a15ea0b45ae62105c7fbb784d5f89137e0d5fd411f3d603511346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 00:15:17 GMT
server: sffe
age: 108554
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7323
x-xss-protection: 0
expires: Tue, 15 Mar 2022 15:46:13 GMT

GET
DATA 200
OK truncated
/ Frame EAEE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwng9WURLsmpT0GAKJrojCtgz6k-pkdVdMhQYgZiG=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EAEE 4 KB
4 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwng9WURLsmpT0GAKJrojCtgz6k-pkdVdMhQYgZiG=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de57e3c8a8ab4e961280f4b775cf1a1824f246a8c3811dec48b8d02df62c8e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 18:39:54 GMT
x-content-type-options: nosniff
age: 11733
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3869
x-xss-protection: 0
server: fife
etag: "v57"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Mar 2021 08:06:21 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/EHPAKqSf_g8/ Frame EAEE 50 KB
51 KB 72ms
71ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/EHPAKqSf_g8/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3661d0705e64832f420ae274a8463e0321b4f43b3547844d2c43730c373e5a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:55:27 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51708
x-xss-protection: 0
expires: Tue, 16 Mar 2021 23:55:27 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EAEE 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 16 Mar 2021 21:55:27 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame EAEE 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?f3tmVA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EHPAKqSf_g8
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/EHPAKqSf_g8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 21:55:27 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EAEE 28 B
224 B 18ms
17ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EHPAKqSf_g8
X-YouTube-Client-Version: 1.20210314.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtyUk11VzR0ZlNOOCjP0sSCBg%3D%3D
X-YouTube-Ad-Signals: dt=1615931727564&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKoiTbtGib1fl8H4xuvxy2onGFfyo6Mii503qeqj95FS5yZVhVW85BPQVWr0LFrnjm86ol5mLSloglrlskJ5O_aekligfw

Response headers

date: Tue, 16 Mar 2021 21:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 16 Mar 2021 21:55:37 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 21:11:23	Name: VISITOR_INFO1_LIVE Value: rRMuW4tfSN8
road.niatorsogalizeb.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: aL592vm8dAk
.niatorsogalizeb.tk/	1970-01-19 17:35:23	Name: __cfduid Value: dc1ffec99483fb44a5790a0c7e98ea5f91615931722

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images-americanas.b2w.io
road.niatorsogalizeb.tk
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2606:4700:3036::ac43:8521
2606:4700::6810:125e
2a00:1450:4001:800::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:82a::200a
2a02:26f0:1700:196::19fe
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1ec9dc99e8e7db9c1048749c68a76e2738e2a60ffa59dc79bad31f8f6eab5bba
3661d0705e64832f420ae274a8463e0321b4f43b3547844d2c43730c373e5a3e
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4265eaa975ba51f71d28969829a092f38c84dd0ad29ded35534eefe503db5d24
4e82bd8f567840279d47dc169ac57460b3195b6e9d8c138964534620fcbdce6f
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5d61ca3e7e8a15ea0b45ae62105c7fbb784d5f89137e0d5fd411f3d603511346
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7accc6a31a3a05ec5b1112680ccb6755f31577891d82e4d78c9dd9d4801168be
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
d32044294e568c03a11e43a06eaabc3e23a5ebbe55c4d322c907015dc97f014a
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de57e3c8a8ab4e961280f4b775cf1a1824f246a8c3811dec48b8d02df62c8e11
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e245e53e821d6f3427736fd5effd59fd62d603fcf85b5a828ed6900ef87b04f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f2cc343c1bd3bd3527e49548d2604ecb94c63b2e0bfd47bf9932533cc7e6c890
fc9d3feb3ba6600fc77c3c53be8785eee3e0fc972840af98bac277451a72c5ec

road.niatorsogalizeb.tk Open in urlscan Pro 2606:4700:3036::ac43:8521 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

75 %HTTPS

100 %IPv6

10 Domains

12 Subdomains

14 IPs

2 Countries

919 kBTransfer

2689 kBSize

4 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

4 Cookies

Indicators

road.niatorsogalizeb.tk Open in urlscan Pro
2606:4700:3036::ac43:8521 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

75 %
HTTPS

100 %
IPv6

10
Domains

12
Subdomains

14
IPs

2
Countries

919 kB
Transfer

2689 kB
Size

4
Cookies

24 HTTP transactions
1 data transactions