jodnhvnk.optipage.io Open in urlscan Pro
78.128.81.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://winplaystation5.website/
Effective URL:
https://jodnhvnk.optipage.io/
Submission: On April 11 via manual (April 11th 2022, 10:20:54 am UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 39 HTTP transactions. The main IP is 78.128.81.63, located in Bulgaria and belongs to TELEPOINT, BG. The main domain is jodnhvnk.optipage.io.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 6th 2022. Valid for: a year.

This is the only time jodnhvnk.optipage.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.64.119.133 192.64.119.133	22612 (NAMECHEAP...) (NAMECHEAP-NET)
7	78.128.81.63 78.128.81.63	31083 (TELEPOINT) (TELEPOINT)
3	18.66.248.48 18.66.248.48	16509 (AMAZON-02) (AMAZON-02)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:1e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.42.231.203 52.42.231.203	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
39	17

1 192.64.119.133 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

winplaystation5.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 78.128.81.63 (Bulgaria)

ASN31083 (TELEPOINT, BG)
PTR: cloud-e81248.managed-vps.net

jodnhvnk.optipage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-48.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.42.231.203 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-231-203.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d166 (United States)

ASN13335 (CLOUDFLARENET, US)

images.pexels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	732 KB
7	optipage.io jodnhvnk.optipage.io	587 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1147 q.stripe.com — Cisco Umbrella Rank: 6870 m.stripe.com — Cisco Umbrella Rank: 1057	81 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 jnn-pa.googleapis.com — Cisco Umbrella Rank: 272	23 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	50 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 340	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1203	18 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	47 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 212	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 4	14 KB
1	pexels.com images.pexels.com — Cisco Umbrella Rank: 41486	33 KB
1	winplaystation5.website 1 redirects winplaystation5.website	234 B
39	12

	Domain	Requested by
9	www.youtube.com	jodnhvnk.optipage.io www.youtube.com
7	jodnhvnk.optipage.io	jodnhvnk.optipage.io
4	jnn-pa.googleapis.com	www.youtube.com
3	js.stripe.com	jodnhvnk.optipage.io js.stripe.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	jodnhvnk.optipage.io
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	images.pexels.com
1	fonts.googleapis.com	jodnhvnk.optipage.io
1	m.stripe.com	m.stripe.network
1	winplaystation5.website	1 redirects
39	17

This site contains links to these domains. Also see Links.

Domain
bit.ly

Subject Issuer	Validity	Valid
*.optipage.io AlphaSSL CA - SHA256 - G2	`2022-03-06` - `2023-04-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-01-26` - `2022-05-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2022-05-04`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://jodnhvnk.optipage.io/
Frame ID: C5BF3B04E3B09A601CC31554CDB7166D
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
Frame ID: 548622FA3D88505D184E2D6038E358B4
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 87C0AA47CD2DC11CA2251F6620041A8B
Requests: 4 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ZVuSTT0bAA8
Frame ID: 1C6166154E8A7678968E1C52F60E560B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://winplaystation5.website/ HTTP 302
https://jodnhvnk.optipage.io/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Page Statistics

39
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

17
IPs

3
Countries

1588 kB
Transfer

3898 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3O8so0n
Title: Enter The Giveaway

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://winplaystation5.website/ HTTP 302
https://jodnhvnk.optipage.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jodnhvnk.optipage.io/
Redirect Chain

http://winplaystation5.website/
https://jodnhvnk.optipage.io/

3 KB
4 KB

402ms
319ms

Document
text/html

78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: eadb25879579c8082d2449265f4211d84088508f1268f0ac9f2909d6815fbf49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Mon, 11 Apr 2022 10:20:46 GMT
server: Apache

Redirect headers

Connection: keep-alive
Content-Length: 51
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Apr 2022 10:20:46 GMT
Location: https://jodnhvnk.optipage.io
Server: nginx
X-Served-By: Namecheap URL Forward

GET
H2 200 template.css
jodnhvnk.optipage.io/modules/landingpage/css/ 206 KB
208 KB 400ms
400ms Stylesheet
text/css 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/modules/landingpage/css/template.css
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: c52fcda204a20638e77e66e64f227b5a0b4c4d9f831756ff3e5d8e5a3ebfb9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:46 GMT
last-modified: Sun, 13 Mar 2022 17:32:19 GMT
server: Apache
accept-ranges: bytes
content-length: 211406
content-type: text/css

GET
H2 200 custom-publish.css
jodnhvnk.optipage.io/modules/landingpage/css/ 917 B
982 B 52ms
52ms Stylesheet
text/css 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/modules/landingpage/css/custom-publish.css
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: 319dce06845bf225dcf6782765609e2c24d91bac666c1030dca560a461c00376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:46 GMT
last-modified: Sun, 13 Mar 2022 17:32:19 GMT
server: Apache
accept-ranges: bytes
content-length: 917
content-type: text/css

GET
H2 200 / Show response
js.stripe.com/v3/ 295 KB
77 KB 82ms
23ms Script
application/javascript 18.66.248.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-48.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79f98c5859121947340e2302ca90596dc87dc0b781be068805391a15eaeb8f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37
x-cache: Hit from cloudfront
date: Mon, 11 Apr 2022 10:20:10 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Fri, 08 Apr 2022 20:09:40 GMT
server: Cloudfront
etag: W/"76ad57b2f3dc23e3076f7e665f78cafe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: JsV5S6iO4XXe40U1MKc8swQht8lAlSCsOVpqMbyOT0xXmpal6kYSrw==

GET
H2 200 publish.js Show response
jodnhvnk.optipage.io/modules/landingpage/js/ 233 KB
235 KB 91ms
91ms Script
application/javascript 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/modules/landingpage/js/publish.js
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: 21a5c2218767bdf3b1e1664a5d8a07f2452dc53a9f3350a87cdc5843c0a291c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:46 GMT
last-modified: Sun, 13 Mar 2022 17:32:19 GMT
server: Apache
accept-ranges: bytes
content-length: 238666
content-type: application/javascript

GET
H2 200 main-page.js Show response
jodnhvnk.optipage.io/modules/landingpage/js/ 7 KB
7 KB 399ms
399ms Script
application/javascript 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/modules/landingpage/js/main-page.js
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: 5efd344cd236de4998b779fd3fecd63384300693f9954832d217029546280908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:46 GMT
last-modified: Sun, 13 Mar 2022 17:32:19 GMT
server: Apache
accept-ranges: bytes
content-length: 6957
content-type: application/javascript

POST
H2 200 fab33650-b72a-11ec-a11e-02004e80513f Show response
jodnhvnk.optipage.io/get-page-json/ 54 KB
56 KB 278ms
278ms XHR
application/json 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/get-page-json/fab33650-b72a-11ec-a11e-02004e80513f
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/modules/landingpage/js/publish.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: 97b39e881bd7b1e9cd6d8456c407ea73d45cebb758b60a8adfb610b876f6ee77

Request headers

Accept: */*
Referer: https://jodnhvnk.optipage.io/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 11 Apr 2022 10:20:48 GMT
cache-control: no-cache, private
server: Apache
content-type: application/json

GET
H2 200 m-outer-23335cd0c833d03926d94e8fb5cb0381.html Show response
js.stripe.com/v3/ Frame 5486 240 B
981 B 11ms
10ms Document
text/html 18.66.248.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-48.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jodnhvnk.optipage.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2097
cache-control: max-age=31536000
content-length: 240
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 09:45:51 GMT
etag: "23335cd0c833d03926d94e8fb5cb0381"
last-modified: Tue, 05 Apr 2022 17:50:14 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-id: pOe8NVQ4Vj5ucUrU6L2UkBRICwmTmIXFDr2g2LiaP0JRRUAf2Njhlg==
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 5486 0
346 B 467ms
156ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5486 1 KB
1 KB 15ms
15ms Script
application/javascript 18.66.248.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-48.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Mon, 11 Apr 2022 10:20:03 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 17:50:29 GMT
server: Cloudfront
etag: W/"d0c7e21ec457b6a134a496f107c3ca93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: DUS51-P1
timing-allow-origin: *
x-amz-cf-id: MtSNs6fxJJ0YbGJFQB9XS00ltqLxZ6df0GnApjBULZKDRvF0IdNckA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 87C0 930 B
2 KB 27ms
8ms Document
text/html 2600:9000:2156:1e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Apr 2022 10:19:54 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
x-amz-cf-id: mgAchUf6N6TSiKOPG5MJZKk2_nJlqiwxDn_O7JYuSsXi24PvB4EJUw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 87C0 0
121 B 414ms
155ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
x-envoy-upstream-service-time: 0
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 87C0 86 KB
16 KB 15ms
14ms Script
text/javascript 2600:9000:2156:1e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:1e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 278
x-cache: Hit from cloudfront
date: Mon, 11 Apr 2022 10:16:18 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: Seqj4wOpUqgQvROoFZmdR-DQllJF_momEbIotYD0EE9PRz6yc9VgIA==

POST
H2 200 6 Show response
m.stripe.com/ Frame 87C0 156 B
523 B 477ms
161ms XHR
application/json 52.42.231.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.42.231.203 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-42-231-203.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

389f36f4f75bea48da002d98e24ff86de4be7358165373d4e420306b486dff24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 ZVuSTT0bAA8 Show response
www.youtube.com/embed/ Frame 1C61 60 KB
26 KB 99ms
76ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ZVuSTT0bAA8?

Requested by

Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/modules/landingpage/js/publish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a45e3339652d6517c4e9966f1f6bd0612ef547cea12892f869201745b14afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jodnhvnk.optipage.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Mon, 11 Apr 2022 10:20:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans&display=swap

Requested by

Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/modules/landingpage/js/publish.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 08:33:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Apr 2022 10:20:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Apr 2022 10:20:49 GMT

GET
H2 200 pexels-photo-5961216.jpeg
images.pexels.com/photos/5961216/ 32 KB
33 KB 102ms
58ms Image
image/jpeg 2606:4700::6811:d166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.pexels.com/photos/5961216/pexels-photo-5961216.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49e58c30b0f39823682a407370b82139b9bf9965f23d9bbf096fa40d6e186581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jodnhvnk.optipage.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
x-imgix-id: 9915c1b2383b513e91453f3179153ccb95cfc8bf
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32758
x-served-by: cache-sjc10044-SJC, cache-mxp6968-MXP
last-modified: Wed, 06 Apr 2022 19:47:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6fa2fde9ef7183b8-MXP
cross-origin-resource-policy: cross-origin
expires: Tue, 11 Apr 2023 10:20:49 GMT

GET
H2 200 fa-brands-400.woff2
jodnhvnk.optipage.io/modules/landingpage/webfonts/ 77 KB
77 KB 121ms
120ms Font
font/woff2 78.128.81.63
TELEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://jodnhvnk.optipage.io/modules/landingpage/webfonts/fa-brands-400.woff2
Requested by: Host: jodnhvnk.optipage.io
URL: https://jodnhvnk.optipage.io/modules/landingpage/css/template.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.128.81.63 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS: cloud-e81248.managed-vps.net
Software: Apache /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://jodnhvnk.optipage.io/modules/landingpage/css/template.css
Origin: https://jodnhvnk.optipage.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:48 GMT
last-modified: Sun, 13 Mar 2022 17:32:19 GMT
server: Apache
accept-ranges: bytes
content-length: 78460
content-type: font/woff2

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 16 KB
17 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://jodnhvnk.optipage.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 22:45:44 GMT
x-content-type-options: nosniff
age: 473705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:06:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Apr 2023 22:45:44 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/3b5d5649/ Frame 1C61 346 KB
47 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 09:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47442
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 09:56:55 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/ Frame 1C61 278 KB
86 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87898
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 08:47:28 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 1C61 2 MB
526 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 537836
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:08 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/ Frame 1C61 9 KB
3 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 05:05:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 05:05:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C61 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 514964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1C61
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
16ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

664616425e4e18d5c58347c76b075cc255e80b92701491131596bf6dd0f9199b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Apr 2022 10:20:49 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1C61 29 B
588 B 115ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:14:42 GMT
x-content-type-options: nosniff
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Apr 2022 10:29:42 GMT

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C61 45 KB
22 KB 38ms
23ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78cd0c17cda6e53811c3d9e2ba010c1efdb0d16a9026c716b145fad1cbda4d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22375
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 1C61 119 KB
37 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37727
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
H2 200 o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js Show response
www.google.com/js/th/ Frame 1C61 35 KB
14 KB 279ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/o-wDB4cz7rv9MqHhXDjjQEUhhhc2Is8u0oux7jSuMUM.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 06:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 272694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13688
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Apr 2023 06:35:56 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/ Frame 1C61 27 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8162
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 07 Apr 2023 14:56:09 GMT

GET
DATA 200
OK truncated
/ Frame 1C61 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 H_---ano_f27DOCejDhUdBMtBcxcv32MoXmFKQc_mBcxYSH4HPZTGuBUdm7UgI5VlutMOVX2=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1C61 3 KB
4 KB 57ms
8ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/H_---ano_f27DOCejDhUdBMtBcxcv32MoXmFKQc_mBcxYSH4HPZTGuBUdm7UgI5VlutMOVX2=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

507c1f17fb4bca986ff4f7797d6145e56b89c4c620b3f4d649a25f9eef80ceaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 07:56:55 GMT
x-content-type-options: nosniff
age: 8634
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3373
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 11 Apr 2022 03:56:53 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/ZVuSTT0bAA8/ Frame 1C61 46 KB
47 KB 56ms
7ms Image
image/jpeg 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZVuSTT0bAA8/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d4d596ef2e76715eff36b9f5ca83b74b531f17a85d9f996e1781c560112dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:41 GMT
x-content-type-options: nosniff
age: 8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47369
x-xss-protection: 0
server: sffe
etag: "1605206022"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Apr 2022 12:20:41 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 111ms
23ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 10:20:49 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1C61 4 KB
3 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Apr 2022 10:20:49 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 11 Apr 2022 10:20:50 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1C61 98 B
142 B 17ms
16ms XHR
application/json+protobuf 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cd93705268c3bebfe259d4f9999f61aa855d8b7b23849257450f808da2eac80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Apr 2022 10:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 1C61 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?z9lykg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ZVuSTT0bAA8?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:20:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 1C61 52 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 16:10:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 11 Apr 2022 16:10:55 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1C61 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/3b5d5649/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ZVuSTT0bAA8?
X-YouTube-Client-Version: 1.20220406.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt5ekhsdEg5aWszSSiBgtCSBg%3D%3D
X-YouTube-Ad-Signals: dt=1649672449691&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C540%2C304&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 11 Apr 2022 10:20:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:20:52 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jodnhvnk.optipage.io/	1970-01-20 02:14:39	Name: XSRF-TOKEN Value: eyJpdiI6InZQb0lmTEdESCs5M2dTZiswZzFBRHc9PSIsInZhbHVlIjoibFhZQnlVRFpDT3NwUG9BMlpoend2WEd3K1lkUjdpdVFZZmd3bUhwbkx1RVpOcER3Q0ZObFVWWmlPcTFYZzVHTjBqajBORTkxZUVneDU5dTM0VUhiSlFYT1JzUWVNcE91d1FMVGpFVjFNeHBmYjFsOHROT09HZHo1ekRaaVlQdk8iLCJtYWMiOiJlZjMxYWM5MTc0ZWJiNjRjMzEzMjYxNDVlODNhZDg5NjdkNDEyMWY3ZmYwYzBkMTM5NTE0ZGQ2MmJiMmIwMWQ2In0%3D
jodnhvnk.optipage.io/	1970-01-20 02:14:39	Name: zillapage_session Value: eyJpdiI6IjlLb3FYKzB0T24wWmJsVE1MMzUyM2c9PSIsInZhbHVlIjoiYlJDSmJMZ2YzNkhZVWRtVnNFV1lXa2F6TFRMQS84ckFqV3ZxeVZhK2l2cHFRcVB5UlNYWmo4dWVvTGRIWDVEb3VoMmkrR0JDVHpaVmYxb0s5NU5sZDY5Wm9hVEtnaEttNUtYWmU2aXd5cGxiU0JjdGFsQmM1S2N1TnpLR0N3dG8iLCJtYWMiOiJhYTM2MTRmZDMwOTFmYWNiOGNiYmEzYmJkYzdhMmVlM2Y1YmZlNThlNmUwZWNjOTkwYWNiYjFlNzJhYzkxZjMzIn0%3D
m.stripe.com/	1970-01-20 19:45:44	Name: m Value: cd25a778-0607-4283-a873-a91f18c5bb781bb739
.jodnhvnk.optipage.io/	1970-01-20 11:00:08	Name: __stripe_mid Value: 34262da9-c58f-4c99-971b-ee98fa32f7a1bf1b85
.jodnhvnk.optipage.io/	1970-01-20 02:14:34	Name: __stripe_sid Value: 85c31b63-53f5-4cd2-b273-77b09b9eb3a273fb87
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: oXZLyMceFEw
.youtube.com/	1970-01-20 06:33:44	Name: VISITOR_INFO1_LIVE Value: yzHltH9ik3I
.pexels.com/	1970-01-20 02:14:34	Name: __cf_bm Value: euS0TLUy2TrUHcjQtBv3WyyDBeXLPMBrKtKD5bBjozs-1649672449-0-ATexCroJVk2mVmBI5UfbrMbRdepKpo2pinJ0UP0Ty97RylK73HuZdSAgpyw/bC3wNlbr7RusFjqu8I+gm4GYDco=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
images.pexels.com
jnn-pa.googleapis.com
jodnhvnk.optipage.io
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
static.doubleclick.net
winplaystation5.website
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
18.66.248.48
192.64.119.133
2600:9000:2156:1e00:19:7d10:bd80:93a1
2606:4700::6811:d166
2a00:1450:4001:808::2016
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
52.42.231.203
54.187.159.182
78.128.81.63
1d4d596ef2e76715eff36b9f5ca83b74b531f17a85d9f996e1781c560112dbc7
21a5c2218767bdf3b1e1664a5d8a07f2452dc53a9f3350a87cdc5843c0a291c9
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
319dce06845bf225dcf6782765609e2c24d91bac666c1030dca560a461c00376
389f36f4f75bea48da002d98e24ff86de4be7358165373d4e420306b486dff24
3a45e3339652d6517c4e9966f1f6bd0612ef547cea12892f869201745b14afe4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49e58c30b0f39823682a407370b82139b9bf9965f23d9bbf096fa40d6e186581
50567eb16170b863f6626d29ebf15403f08cbc50f93c04f3af3ac323f15ef3b8
507c1f17fb4bca986ff4f7797d6145e56b89c4c620b3f4d649a25f9eef80ceaf
5efd344cd236de4998b779fd3fecd63384300693f9954832d217029546280908
664616425e4e18d5c58347c76b075cc255e80b92701491131596bf6dd0f9199b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f17eeade38d7f9bd48afd980b628ce3cdd925ae32599b594f6206f630e0a02
6cd93705268c3bebfe259d4f9999f61aa855d8b7b23849257450f808da2eac80
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
78cd0c17cda6e53811c3d9e2ba010c1efdb0d16a9026c716b145fad1cbda4d20
79f98c5859121947340e2302ca90596dc87dc0b781be068805391a15eaeb8f95
924d56b948a5e7b6dbec58c81f4b620607ddbd7a5c7ea1243bd38a4b3246b2b0
97b39e881bd7b1e9cd6d8456c407ea73d45cebb758b60a8adfb610b876f6ee77
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
a3ec03078733eebbfd32a1e15c38e340452186173622cf2ed28bb1ee34ae3143
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
c52fcda204a20638e77e66e64f227b5a0b4c4d9f831756ff3e5d8e5a3ebfb9aa
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0f9f4c769334f1972f3d7a07b826c6a393a6ba78975e27bb7d9215349eea97b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eadb25879579c8082d2449265f4211d84088508f1268f0ac9f2909d6815fbf49
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9363ffc9759572b04d38ac4b5e6d94efbbe7133544786d73713c8cf418c9c1c

jodnhvnk.optipage.io Open in urlscan Pro 78.128.81.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

71 %IPv6

12 Domains

17 Subdomains

17 IPs

3 Countries

1588 kBTransfer

3898 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jodnhvnk.optipage.io Open in urlscan Pro
78.128.81.63 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

17
IPs

3
Countries

1588 kB
Transfer

3898 kB
Size

8
Cookies

39 HTTP transactions
1 data transactions