bankwafro.tk Open in urlscan Pro
2606:4700:3031::ac43:b248 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankwafro.tk/
Submission: On January 07 via automatic, source certstream-suspicious (January 7th 2022, 12:34:24 pm UTC) — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::ac43:b248, located in United States and belongs to CLOUDFLARENET, US. The main domain is bankwafro.tk.
TLS certificate: Issued by R3 on January 7th 2022. Valid for: 3 months.

This is the only time bankwafro.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:b248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 2	87.238.33.154 87.238.33.154	39029 (REDPILL-L...) (REDPILL-LINPRO Redpill Linpro)
1	81.0.213.148 81.0.213.148	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
1	46.32.242.18 46.32.242.18	20738 (GD-EMEA-D...) (GD-EMEA-DC-LD5)
9	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
25	14

1 2606:4700:3031::ac43:b248 (United States)

ASN13335 (CLOUDFLARENET, US)

bankwafro.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.238.33.154 (Oslo, Norway) 1 redirects

ASN39029 (REDPILL-LINPRO Redpill Linpro, NO)

presizely.abcmedia.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imaginary.abcmedia.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.0.213.148 (Czech Republic)

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)
PTR: hope.mapfactor.com

www.mapfactor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.32.242.18 (Leeds, United Kingdom)

ASN20738 (GD-EMEA-DC-LD5, DE)
PTR: whvcl46-32-242-18.whvcl.webfusion.com

www.bbk-direct.uk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	714 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	115 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 341	1 KB
2	abcmedia.no 1 redirects presizely.abcmedia.no imaginary.abcmedia.no	16 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	41 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
1	uk.com www.bbk-direct.uk.com	1 KB
1	mapfactor.com www.mapfactor.com	1 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	bankwafro.tk bankwafro.tk	16 KB
25	11

	Domain	Requested by
9	www.youtube.com	bankwafro.tk www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.bbk-direct.uk.com	bankwafro.tk
1	www.mapfactor.com	bankwafro.tk
1	imaginary.abcmedia.no	bankwafro.tk
1	presizely.abcmedia.no	1 redirects
1	fonts.googleapis.com	bankwafro.tk
1	bankwafro.tk
25	14

This site contains no links.

Subject Issuer	Validity	Valid
*.bankwafro.tk R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.mapfactor.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
www.bbk-direct.uk.com Starfield Secure Certificate Authority - G2	`2021-07-25` - `2022-08-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bankwafro.tk/
Frame ID: 05D60B3D2DE2BE33E629B707BFF98B61
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BIi-S-xyI0M
Frame ID: 5CB80731F895E35950507B15FDF4A015
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

kvinne søker kvinne førde

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

25
Requests

92 %
HTTPS

77 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

2142 kB
Transfer

4130 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://presizely.abcmedia.no/500x,q75,prog,sh:1.2:1.2:1.2/https://abcnyheter.drpublish.aptoma.no/out/images/article//2012/05/07/195116073/1/original/2197713.jpg HTTP 301
https://imaginary.abcmedia.no/resize?width=500&quality=75&interlace=true&url=https%3A%2F%2Fabcnyheter.drpublish.aptoma.no%2Fout%2Fimages%2Farticle%2F%2F2012%2F05%2F07%2F195116073%2F1%2Foriginal%2F2197713.jpg

Request Chain 13

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bankwafro.tk/ 41 KB
16 KB 106ms
52ms Document
text/html 2606:4700:3031::ac43:b248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bankwafro.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36858c35f80e532139ca0bd12d9df502b185bcca946d80e373352721ca23be85

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 07 Jan 2022 12:34:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEy7MSytL1mlLQFAY5UF%2BXrYUQmnEAuJJdk8pxNhuww8JgiEG1kmwBhYM0DCI8uHRLPjfMQsiRHbDdERLcScfb3muNdG1WSFcIF%2BiNxBzu5cu6cWQDmt9aTi6LPFDovIstW0ElzxndhQPns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c9d3838e8994e20-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 71ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter%3Aregular%2Citalic%2C700%7CPlayfair+Display%3Aregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CEB+Garamond%3Aregular

Requested by

Host: bankwafro.tk
URL: https://bankwafro.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9dad1eab0c0d03733abfadb8cb7b2a396106768af4e3758709c87498d1509cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bankwafro.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 12:34:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:34:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:34:19 GMT

GET
H2

200

resize
imaginary.abcmedia.no/
Redirect Chain

https://presizely.abcmedia.no/500x,q75,prog,sh:1.2:1.2:1.2/https://abcnyheter.drpublish.aptoma.no/out/images/article//2012/05/07/195116073/1/original/2197713.jpg
https://imaginary.abcmedia.no/resize?width=500&quality=75&interlace=true&url=https%3A%2F%2Fabcnyheter.drpublish.aptoma.no%2Fout%2Fimages%2Farticle%2F%2F2012%2F05%2F07%2F195116073%2F1%2Foriginal%2F2...

15 KB
15 KB

216ms
132ms

Image
image/jpeg

87.238.33.154
REDPILL-LINPRO Re...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imaginary.abcmedia.no/resize?width=500&quality=75&interlace=true&url=https%3A%2F%2Fabcnyheter.drpublish.aptoma.no%2Fout%2Fimages%2Farticle%2F%2F2012%2F05%2F07%2F195116073%2F1%2Foriginal%2F2197713.jpg
Requested by: Host: bankwafro.tk
URL: https://bankwafro.tk/
Protocol: H2
Server: 87.238.33.154 Oslo, Norway, ASN39029 (REDPILL-LINPRO Redpill Linpro, NO),
Reverse DNS
Software: nginx /
Resource Hash: cf9c84e9f8d2ed08a6de800f2d7d0985890358a5588e8e52c6dc41404e219b51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bankwafro.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-project-route: abcn-prod:imaginary
date: Fri, 07 Jan 2022 12:34:20 GMT
via: 1.1 varnish (Varnish/6.0)
x-original-grace: 259200.000
xkey: abcn-prod:imaginary-proxy
age: 0
x-project: abcn-prod
x-ua-device: pc
x-purge-key: abcn-prod:imaginary-proxy
x-deployment: imaginary-proxy
content-length: 15107
x-pod: pod:imaginary-proxy-656198061-ck6xg:imaginary-proxy:10.131.6.250:3000
server: nginx
cache-control: public, max-age=2592000
x-varnish: 198814394
access-control-allow-origin: *
x-router: infra0.startsiden.c.bitbit.net
x-original-ttl: 2592000.000
x-ab-selection: disabled
accept-ranges: bytes
content-type: image/jpeg

Redirect headers

x-project-route: abcn-prod:presizely-abcmedia
date: Fri, 07 Jan 2022 12:34:19 GMT
content-encoding: gzip
x-original-grace: 259200.000
xkey: abcn-prod:presizely-redirect
age: 0
x-powered-by: Express
x-ua-device: pc
x-purge-key: abcn-prod:presizely-redirect
x-deployment: presizely-redirect
x-project: abcn-prod
x-pod: pod:presizely-redirect-2429124419-5gkvw:presizely-redirect:10.131.0.218:3000
access-control-allow-origin: *
x-router: infra0.startsiden.c.bitbit.net
server: nginx
location: https://imaginary.abcmedia.no/resize?width=500&quality=75&interlace=true&url=https%3A%2F%2Fabcnyheter.drpublish.aptoma.no%2Fout%2Fimages%2Farticle%2F%2F2012%2F05%2F07%2F195116073%2F1%2Foriginal%2F2197713.jpg
etag: W/"cf-j2rVbqtJc1ukvjKk2xPuzU1BIx0"
vary: Accept-Encoding
x-varnish: 2964632
via: 1.1 varnish (Varnish/6.0)
x-original-ttl: 120.000
x-ab-selection: disabled
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK tt_bergen_w1200.png
www.mapfactor.com/traveltip/ 1 MB
1 MB 156ms
50ms Image
image/png 81.0.213.148
CASABLANCA-AS Int...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mapfactor.com/traveltip/tt_bergen_w1200.png
Requested by: Host: bankwafro.tk
URL: https://bankwafro.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.0.213.148 , Czech Republic, ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ),
Reverse DNS: hope.mapfactor.com
Software: nginx/1.10.3 /
Resource Hash: 672add3d9c5622de4b86b55a51c36e2cc8d26a48dcd974ec2dd6f7c2eb3cae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bankwafro.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 12:34:19 GMT
Last-Modified: Tue, 06 Sep 2016 07:43:55 GMT
Server: nginx/1.10.3
ETag: "57ce73bb-130bfb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1248251

GET
H2 404 malmo-stickdown-drammen.jpg
www.bbk-direct.uk.com/64730-tm_large_default/ 1 KB
1 KB 638ms
536ms Image
image/gif 46.32.242.18
GD-EMEA-DC-LD5

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bbk-direct.uk.com/64730-tm_large_default/malmo-stickdown-drammen.jpg
Requested by: Host: bankwafro.tk
URL: https://bankwafro.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.32.242.18 Leeds, United Kingdom, ASN20738 (GD-EMEA-DC-LD5, DE),
Reverse DNS: whvcl46-32-242-18.whvcl.webfusion.com
Software: Apache/2.4.51 (Unix) / PHP/5.6.40
Resource Hash: ff8ab15c205231456c8c52d540836e79a1bc84c74f489989d6a8fb7c11b7ebaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bankwafro.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:34:19 GMT
server: Apache/2.4.51 (Unix)
x-powered-by: PHP/5.6.40
vary: User-Agent
x-hostname: cweb2-c7202
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
powered-by: PrestaShop
content-type: image/gif

GET
H2 200 BIi-S-xyI0M Show response
www.youtube.com/embed/ Frame 5CB8 59 KB
25 KB 131ms
89ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BIi-S-xyI0M

Requested by

Host: bankwafro.tk
URL: https://bankwafro.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16d51597691ba88ebcc13706d91084225791c81f8f2fdc30cd09e3d0b2948782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bankwafro.tk/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 Jan 2022 12:34:19 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/ 30 KB
31 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter%3Aregular%2Citalic%2C700%7CPlayfair+Display%3Aregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CEB+Garamond%3Aregular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bankwafro.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:16:35 GMT
x-content-type-options: nosniff
age: 220664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:04:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 23:16:35 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v25/ 35 KB
35 KB 77ms
34ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v25/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bankwafro.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:36:31 GMT
x-content-type-options: nosniff
age: 21468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 07 Jan 2023 06:36:31 GMT

GET
H2 200 raxjHiqOu8IVPmn7epZnDMyKBvHf5D6c4Pz-X3By.woff2
fonts.gstatic.com/s/bitter/v19/ 16 KB
16 KB 87ms
45ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/raxjHiqOu8IVPmn7epZnDMyKBvHf5D6c4Pz-X3By.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05bb1af893b4164fe04fe6a49741dd582e0e9b55c22df43ef034cdade6ebff15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bankwafro.tk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 20:31:22 GMT
x-content-type-options: nosniff
age: 144177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16124
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 00:32:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 05 Jan 2023 20:31:22 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/edff9f99/ Frame 5CB8 338 KB
47 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:55 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/edff9f99/www-embed-player.vflset/ Frame 5CB8 227 KB
73 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75031
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:49 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 5CB8 2 MB
529 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541622
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:49 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/ Frame 5CB8 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5CB8 15 KB
15 KB 34ms
34ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 263774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5CB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

55ms
25ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f36f5cef4aa63ba9d0e8d038e166edf0764074b76b0624ed8e7d8496d4a2b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 07 Jan 2022 12:34:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5CB8 29 B
587 B 57ms
17ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:29:19 GMT
x-content-type-options: nosniff
age: 301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jan 2022 12:44:19 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 5CB8 94 KB
29 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:41:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 157995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29833
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:41:05 GMT

GET
H2 200 Cl7PG6JefISdvQ5f5DHlM2PydHOtKzDBOwJ_tmyY6lw.js Show response
www.google.com/js/th/ Frame 5CB8 35 KB
14 KB 61ms
17ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Cl7PG6JefISdvQ5f5DHlM2PydHOtKzDBOwJ_tmyY6lw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5ecf1ba25e7c849dbd0e5fe431e53363f27473ad2b30c13b027fb66c98ea5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 10:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13395
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 10:47:02 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/ Frame 5CB8 26 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 16:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 158010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7633
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 01:18:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 16:40:50 GMT

GET
DATA 200
OK truncated
/ Frame 5CB8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSoqwDfMX_7U5IneiUB_TUf1iplyuFIAe51siaK=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5CB8 5 KB
5 KB 63ms
17ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSoqwDfMX_7U5IneiUB_TUf1iplyuFIAe51siaK=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

702c241894facba8fbbfa51b074d5cbd792eee7d58076c103397c9adced6970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 10:34:03 GMT
x-content-type-options: nosniff
age: 7217
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4987
x-xss-protection: 0
server: fife
etag: "v1a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 16 Nov 2021 21:18:15 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/BIi-S-xyI0M/ Frame 5CB8 41 KB
41 KB 114ms
67ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/BIi-S-xyI0M/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acb5b3d2bdc3d35e3a3929580502b81fa48bcd06764dd6b4bb81129924955881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:34:20 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41548
x-xss-protection: 0
server: sffe
etag: "1408206287"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Jan 2022 14:34:20 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5CB8 4 KB
3 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 12:34:20 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5CB8 0
9 B 17ms
16ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?br6OhA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BIi-S-xyI0M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:34:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame 5CB8 53 KB
15 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 21:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Fri, 07 Jan 2022 21:38:54 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5CB8 28 B
54 B 31ms
31ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/edff9f99/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BIi-S-xyI0M
X-YouTube-Client-Version: 1.20220104.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgthYURHUXhBMXpoWSjL5uCOBg%3D%3D
X-YouTube-Ad-Signals: dt=1641558859961&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 07 Jan 2022 12:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 07 Jan 2022 12:34:22 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bankwafro.tk/	1969-12-31 23:59:59	Name: ch1c Value: b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Qvd9WhZPCB0
.youtube.com/	1970-01-20 04:18:30	Name: VISITOR_INFO1_LIVE Value: aaDGQxA1zhY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bbk-direct.uk.com/64730-tm_large_default/malmo-stickdown-drammen.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankwafro.tk
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
imaginary.abcmedia.no
presizely.abcmedia.no
static.doubleclick.net
www.bbk-direct.uk.com
www.google.com
www.gstatic.com
www.mapfactor.com
www.youtube.com
yt3.ggpht.com
2606:4700:3031::ac43:b248
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:810::2016
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:830::2001
46.32.242.18
81.0.213.148
87.238.33.154
05bb1af893b4164fe04fe6a49741dd582e0e9b55c22df43ef034cdade6ebff15
0a5ecf1ba25e7c849dbd0e5fe431e53363f27473ad2b30c13b027fb66c98ea5c
16d51597691ba88ebcc13706d91084225791c81f8f2fdc30cd09e3d0b2948782
36858c35f80e532139ca0bd12d9df502b185bcca946d80e373352721ca23be85
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5f36f5cef4aa63ba9d0e8d038e166edf0764074b76b0624ed8e7d8496d4a2b81
672add3d9c5622de4b86b55a51c36e2cc8d26a48dcd974ec2dd6f7c2eb3cae86
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
702c241894facba8fbbfa51b074d5cbd792eee7d58076c103397c9adced6970d
93a8cc54b517a35c22648e5a2b1694dac62247ad174386f1791d1c4d0c6edd8c
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
aaab4ae2a2dfdfa746dd72cead3ebc53cb1b10081ebb32e755f98efebaeab965
acb5b3d2bdc3d35e3a3929580502b81fa48bcd06764dd6b4bb81129924955881
b14e416f4af207200a176b8075f45d8b78b20940bbb5083f471cf83d3830eb9d
b1e059aebb69545ec4e01b00c44d9e7e49181a019a6f87c9df5a7aec4e4e5a47
bd41db2e1e96f28eee9a1eec9333b8b8810b685ae4e304624b74e1a10b0167fa
c9dad1eab0c0d03733abfadb8cb7b2a396106768af4e3758709c87498d1509cd
cf9c84e9f8d2ed08a6de800f2d7d0985890358a5588e8e52c6dc41404e219b51
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f03fc73b13c16798d248b1260135461dab13eb93299a19d712a4682954d0ae48
ff8ab15c205231456c8c52d540836e79a1bc84c74f489989d6a8fb7c11b7ebaa

bankwafro.tk Open in urlscan Pro 2606:4700:3031::ac43:b248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

77 %IPv6

11 Domains

14 Subdomains

14 IPs

5 Countries

2142 kBTransfer

4130 kBSize

3 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

bankwafro.tk Open in urlscan Pro
2606:4700:3031::ac43:b248 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

77 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

2142 kB
Transfer

4130 kB
Size

3
Cookies

25 HTTP transactions
1 data transactions