uzi.tguzi.com Open in urlscan Pro
67.212.173.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bbcnews-lzbcsl.videosusa0.xyz/
Effective URL:
https://uzi.tguzi.com/proc.php?1b2bba095a748cbc79fec28734564b8938be30d1
Submission: On January 18 via api (January 18th 2024, 2:50:59 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 20 domains to perform 38 HTTP transactions. The main IP is 67.212.173.76, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is uzi.tguzi.com.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.

This is the only time uzi.tguzi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	154.12.254.12 154.12.254.12	40021 (NL-811-40021) (NL-811-40021)
1	209.126.85.168 209.126.85.168	40021 (NL-811-40021) (NL-811-40021)
2	154.53.45.45 154.53.45.45	40021 (NL-811-40021) (NL-811-40021)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.84.192 52.219.84.192	16509 (AMAZON-02) (AMAZON-02)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	67.212.184.147 67.212.184.147	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 3	51.68.81.31 51.68.81.31	16276 (OVH) (OVH)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1362	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.212.173.76 67.212.173.76	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
38	20

2 154.12.254.12 (New York, United States) 1 redirects

ASN40021 (NL-811-40021, US)
PTR: vmi1579699.contaboserver.net

bbcnews-lzbcsl.videosusa0.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.126.85.168 (United States)

ASN40021 (NL-811-40021, US)
PTR: vmi964601.contaboserver.net

lacabrahd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.53.45.45 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1503034.contaboserver.net

links-api.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
corbatica.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.84.192 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

asdfdgf.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cchcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.212.184.147 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

my.contentrightnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.81.31 (France) 2 redirects

ASN16276 (OVH, FR)

www.cimentbuilder.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

yfuh.ningutengo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1362 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.212.173.76 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

uzi.tguzi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	3 MB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	40 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
3	cimentbuilder.one 2 redirects www.cimentbuilder.one	5 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263	1 KB
2	tguzi.com uzi.tguzi.com	4 KB
2	contentrightnow.com my.contentrightnow.com	4 KB
2	videosusa0.xyz 1 redirects bbcnews-lzbcsl.videosusa0.xyz	2 KB
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 467436	1 KB
1	ningutengo.com yfuh.ningutengo.com	1 KB
1	cchcontent.com 1 redirects cchcontent.com — Cisco Umbrella Rank: 638811	292 B
1	corbatica.vip corbatica.vip	437 B
1	amazonaws.com asdfdgf.s3.us-east-2.amazonaws.com	1 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16645	29 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	74 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2 play.google.com Failed	20 KB
1	links-api.lat links-api.lat	168 B
1	lacabrahd.com lacabrahd.com — Cisco Umbrella Rank: 815104	2 KB
0	qeh8.com Failed v111304.qeh8.com Failed
38	20

	Domain	Requested by
7	www.youtube.com	bbcnews-lzbcsl.videosusa0.xyz www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	www.cimentbuilder.one	2 redirects my.contentrightnow.com
2	uzi.tguzi.com	yfuh.ningutengo.com uzi.tguzi.com
2	my.contentrightnow.com	corbatica.vip my.contentrightnow.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	bbcnews-lzbcsl.videosusa0.xyz	1 redirects
1	cdn.addlnk.com	yfuh.ningutengo.com
1	yfuh.ningutengo.com	www.cimentbuilder.one
1	cchcontent.com	1 redirects
1	corbatica.vip	asdfdgf.s3.us-east-2.amazonaws.com
1	asdfdgf.s3.us-east-2.amazonaws.com	bbcnews-lzbcsl.videosusa0.xyz
1	whos.amung.us
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	links-api.lat	bbcnews-lzbcsl.videosusa0.xyz
1	lacabrahd.com	bbcnews-lzbcsl.videosusa0.xyz
0	v111304.qeh8.com Failed	uzi.tguzi.com
0	play.google.com Failed	www.youtube.com
38	23

This site contains no links.

Subject Issuer	Validity	Valid
*.videosusa0.xyz R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
lacabrahd.com cPanel, Inc. Certification Authority	`2023-11-06` - `2024-02-04`	3 months	crt.sh
webdisk.links-api.lat R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-17`	a year	crt.sh
www.corbatica.vip R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
my.contentrightnow.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
www.cimentbuilder.one R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
ningutengo.com GTS CA 1P5	`2023-12-06` - `2024-03-05`	3 months	crt.sh
addlnk.com GTS CA 1P5	`2023-12-07` - `2024-03-06`	3 months	crt.sh
uzi.tguzi.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh

This page contains 2 frames:

Frame: https://v111304.qeh8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7325450946824110095&pub=20961&pid=20961-45b4929d-c0fb8912&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
Frame ID: 0BC5D7A68F0EA17D7B111FA70DC81F7E
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Frame ID: C04B48E052E5CDF96AB7ACE38621E92A
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bbcnews-lzbcsl.videosusa0.xyz/ HTTP 301
https://bbcnews-lzbcsl.videosusa0.xyz/ Page URL
https://asdfdgf.s3.us-east-2.amazonaws.com/videos.html Page URL
https://cchcontent.com/?k=2d61d8a312a2d3dede0092b7e7ba2924&type=mainstream&subtype=global&data1=JEL... HTTP 302
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://my.contentrightnow.com/proc.php?6f02f19ce605c531f7d4b7ebfaeecf2199696674 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website... Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website... HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website... HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874 Page URL
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream... Page URL
https://uzi.tguzi.com/proc.php?1b2bba095a748cbc79fec28734564b8938be30d1 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

38
Requests

84 %
HTTPS

60 %
IPv6

20
Domains

23
Subdomains

20
IPs

3
Countries

2868 kB
Transfer

3698 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bbcnews-lzbcsl.videosusa0.xyz/ HTTP 301
https://bbcnews-lzbcsl.videosusa0.xyz/ Page URL
https://asdfdgf.s3.us-east-2.amazonaws.com/videos.html Page URL
https://cchcontent.com/?k=2d61d8a312a2d3dede0092b7e7ba2924&type=mainstream&subtype=global&data1=JELTAXPC HTTP 302
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb Page URL
https://my.contentrightnow.com/proc.php?6f02f19ce605c531f7d4b7ebfaeecf2199696674 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400 Page URL
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=a81bf5bf86ea12d07ac9d868ea5ca1b2&eyer=0.9854701644046537&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=3&eyer=0.9854701644046537&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874 Page URL
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=c7594bbb&cid=pubef41f4df526d4b1f96d265c765931bad&2=pubid Page URL
https://uzi.tguzi.com/proc.php?1b2bba095a748cbc79fec28734564b8938be30d1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bbcnews-lzbcsl.videosusa0.xyz/ HTTP 301
https://bbcnews-lzbcsl.videosusa0.xyz/

Request Chain 10

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 31

https://cchcontent.com/?k=2d61d8a312a2d3dede0092b7e7ba2924&type=mainstream&subtype=global&data1=JELTAXPC HTTP 302
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

Request Chain 34

https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=a81bf5bf86ea12d07ac9d868ea5ca1b2&eyer=0.9854701644046537&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=3&eyer=0.9854701644046537&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=my.contentrightnow.com HTTP 302
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
bbcnews-lzbcsl.videosusa0.xyz/
Redirect Chain

http://bbcnews-lzbcsl.videosusa0.xyz/
https://bbcnews-lzbcsl.videosusa0.xyz/

1 KB
1 KB

350ms
116ms

Document
text/html

154.12.254.12
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://bbcnews-lzbcsl.videosusa0.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.12.254.12 New York, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1579699.contaboserver.net
Software: nginx/1.24.0 / PHP/8.2.12
Resource Hash: 125f5d905fb1b5680e48815b8ce371370200f42f4ff4437c8129c33329d160f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1188
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Jan 2024 14:50:54 GMT
Server: nginx/1.24.0
X-Powered-By: PHP/8.2.12

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Thu, 18 Jan 2024 14:50:54 GMT
Location: https://bbcnews-lzbcsl.videosusa0.xyz/
Server: nginx/1.24.0

GET
H/1.1 200
OK fbmultiplepais Show response
lacabrahd.com/api/scripts/ 2 KB
2 KB 535ms
226ms Script
application/javascript 209.126.85.168
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://lacabrahd.com:3069/api/scripts/fbmultiplepais?contador=ogprovenza&owner=corbatica&isbot=false&before=true&selectedcountry=
Requested by: Host: bbcnews-lzbcsl.videosusa0.xyz
URL: https://bbcnews-lzbcsl.videosusa0.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.85.168 , United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi964601.contaboserver.net
Software: / Express
Resource Hash: b5bd78b5b3645f9c790484f240ed5a17885bc3fc4c6583b32882e4f43f2572d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bbcnews-lzbcsl.videosusa0.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 18 Jan 2024 14:50:55 GMT
Connection: keep-alive
X-Powered-By: Express
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK data.php Show response
links-api.lat/src/ 0
168 B 418ms
140ms Script
text/html 154.53.45.45
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://links-api.lat/src/data.php
Requested by: Host: bbcnews-lzbcsl.videosusa0.xyz
URL: https://bbcnews-lzbcsl.videosusa0.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.53.45.45 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1503034.contaboserver.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bbcnews-lzbcsl.videosusa0.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 14:50:55 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 mwKJfNYwvm8 Show response
www.youtube.com/embed/ Frame C04B 92 KB
42 KB 148ms
100ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Requested by

Host: bbcnews-lzbcsl.videosusa0.xyz
URL: https://bbcnews-lzbcsl.videosusa0.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b66593560d537065add41c948774351ec294a253dfee531b12c3870344741db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bbcnews-lzbcsl.videosusa0.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 14:50:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/787e9b63/ Frame C04B 359 KB
47 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:22:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47506
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:22:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C04B 15 KB
15 KB 29ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 23:26:56 GMT
x-content-type-options: nosniff
age: 573838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C04B 15 KB
16 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 20:17:31 GMT
x-content-type-options: nosniff
age: 239603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 20:17:31 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame C04B 52 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65faef556bfc4f04e6f7455ea9e228742e697170990bbe4ae27c55a64f9857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16431
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:21:52 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/787e9b63/www-embed-player.vflset/ Frame C04B 323 KB
97 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 06:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98837
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Jan 2025 06:55:57 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame C04B 2 MB
2 MB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449dffcc02bb5a08f9cff4b8659eef5511bdb979490fd3ce61e5e8004ff0df44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:27:14 GMT
x-content-type-options: nosniff
age: 131020
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2481682
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:27:14 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C04B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
16ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

844c795a2c950b14d89cd49d2128dc1328787b0f08ceee2489a5922b331a0319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 14:50:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C04B 29 B
495 B 27ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:40:32 GMT
x-content-type-options: nosniff
age: 623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jan 2024 14:55:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
14ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 18 Jan 2024 14:50:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C04B 87 KB
40 KB 25ms
25ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40131d53a77d66d287d7ad6dbbcb7fd0a1eb16f024c337a8d388101b3e4ee76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40963
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/ Frame C04B 117 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49104223627200e65966dc89d1648e3725bf29e70e8474e1f488a412e8abaef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33860
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 04:49:52 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Jan 2025 02:24:53 GMT

GET
H2 200 QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js Show response
www.google.com/js/th/ Frame C04B 51 KB
20 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 07:47:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19869
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 07:47:04 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/mwKJfNYwvm8/ Frame C04B 73 KB
74 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/mwKJfNYwvm8/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfcf56d8662e3b5b4dfb7f985b345971d76b97d5e99f985e72d22b18620d0dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:21 GMT
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74930
x-xss-protection: 0
server: sffe
etag: "1700576985"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 18 Jan 2024 16:50:21 GMT

GET
DATA 200
OK truncated
/ Frame C04B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTM49hEx9zyui_0zDZKi75EgqJPJfuDmWu1cePdQQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C04B 5 KB
5 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTM49hEx9zyui_0zDZKi75EgqJPJfuDmWu1cePdQQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcc9daa8cccb674c41f4d0b0fe433f44d1529457b345ab46c0c370519fb3efce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:03:46 GMT
x-content-type-options: nosniff
age: 2829
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5298
x-xss-protection: 0
server: fife
etag: "v50a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 19 Jan 2024 14:03:46 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C04B 4 KB
2 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 14:50:55 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C04B 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5Z6_Yw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mwKJfNYwvm8?si=UjiSViznygWJ5yen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 18 Jan 2024 14:50:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C04B 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/787e9b63/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c242607d4a58b6dc9377975f7111b5e4bd194005a72764c2fb3c15e6a7059847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame C04B 50 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 23:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 18 Jan 2024 23:48:25 GMT

OPTIONS log
play.google.com/ Frame 0
0

POST atr
www.youtube.com/api/stats/ Frame C04B 0
0

POST log
play.google.com/ Frame C04B 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame C04B 0
0

GET
H2 200 /
whos.amung.us/pingjs/ 29 B
29 B 154ms
119ms Image
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=ogprovenza&t=La%20Chancla~%20Le%20%20dimo%20to&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=3536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bbcnews-lzbcsl.videosusa0.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8477a73029770418-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK videos.html Show response
asdfdgf.s3.us-east-2.amazonaws.com/ 870 B
1 KB 348ms
123ms Document
text/html 52.219.84.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asdfdgf.s3.us-east-2.amazonaws.com/videos.html
Requested by: Host: bbcnews-lzbcsl.videosusa0.xyz
URL: https://bbcnews-lzbcsl.videosusa0.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.84.192 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4705b08554737304314e33fe8476a5588416906db2a32b1d3e217c1c6d9312ea

Request headers

Referer: https://bbcnews-lzbcsl.videosusa0.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 870
Content-Type: text/html
Date: Thu, 18 Jan 2024 14:50:57 GMT
ETag: "95c35b94537b4b54f19538c38706dee4"
Last-Modified: Wed, 10 Jan 2024 23:32:19 GMT
Server: AmazonS3
x-amz-id-2: 5hK25QvHhGyXb06pq/p5qcucZjFr/0yw1nOm51FhfSdH6dvH6QBZfCWdIhNEtloJuB40fr9e/zI=
x-amz-request-id: 8PS63M39RRM0TE2Q
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK index.php
corbatica.vip/manager/ 125 B
437 B 367ms
119ms Script
application/javascript 154.53.45.45
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://corbatica.vip/manager/index.php?username=jojo&counter=jb007
Requested by: Host: asdfdgf.s3.us-east-2.amazonaws.com
URL: https://asdfdgf.s3.us-east-2.amazonaws.com/videos.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 154.53.45.45 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1503034.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://asdfdgf.s3.us-east-2.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 14:50:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive

GET
H2

200

/ Show response
my.contentrightnow.com/
Redirect Chain

https://cchcontent.com/?k=2d61d8a312a2d3dede0092b7e7ba2924&type=mainstream&subtype=global&data1=JELTAXPC
https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb

8 KB
3 KB

494ms
132ms

Document
text/html

67.212.184.147
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Requested by: Host: corbatica.vip
URL: https://corbatica.vip/manager/index.php?username=jojo&counter=jb007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.3.1
Resource Hash: 179309bf08bff049892bed10fc2822999790ef46eb3eeea22611ade0d7ed605b

Request headers

Referer: https://asdfdgf.s3.us-east-2.amazonaws.com/videos.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 14:50:57 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.3.1

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 18 Jan 2024 14:50:57 GMT
Location: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Server: nginx/1.16.1 (Ubuntu)

GET
H2 200 proc.php
my.contentrightnow.com/ 1 KB
1 KB 132ms
131ms Document
text/html 67.212.184.147
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://my.contentrightnow.com/proc.php?6f02f19ce605c531f7d4b7ebfaeecf2199696674
Requested by: Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.147 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.3.1
Resource Hash

Request headers

Referer: https://my.contentrightnow.com/?utm_medium=9edef15e72214e8a973d0e5b01f40580976cda9b&utm_campaign=optimizedb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 14:50:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.3.1

GET
H/1.1 200
OK /
www.cimentbuilder.one/ 4 KB
4 KB 63ms
9ms Document
text/html 51.68.81.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400
Requested by: Host: my.contentrightnow.com
URL: https://my.contentrightnow.com/proc.php?6f02f19ce605c531f7d4b7ebfaeecf2199696674
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://my.contentrightnow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Thu, 18 Jan 2024 14:50:58 GMT
Transfer-Encoding: chunked

GET
H2

200

7edf752b35 Show response
yfuh.ningutengo.com/rc/
Redirect Chain

https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=a81bf5bf86ea12d07ac9d868ea5ca1b2&eyer=0.9854701644046537...
https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400&eyeg=3&eyer=0.9854701644046537&eyei=0&eyew=1600&eyeh=1200&eye...
https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874

1 KB
1 KB

146ms
108ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874
Requested by: Host: www.cimentbuilder.one
URL: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d58a5a4bc78f9e619c67ed7d129314018ccc3a4cb334732b73eb1dd93ce11733

Request headers

Referer: https://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=Track1&data2=Track2&tag=M7325450938234175620&website=4400-5d3c60dz&placement=4400
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8477a7435a1d39c7-FRA
content-encoding: br
content-language: en-us
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 14:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qx5Z34hMhRjrWPTwzPfK8w%2BzSomRyoRJ4zAEAmmobl4k8CI0sG1m%2B9cDuVa6DIJ8VXlE93%2F7k39ezyPyLCxG5jx4B0W2SGGNkLwPROQwLjSpLyalqip2KaX%2FD3liaGlQ74zw28cNPZKsrs03d9dgaLv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 0
Date: Thu, 18 Jan 2024 14:50:58 GMT
Location: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 80ms
24ms Stylesheet
text/css 2606:4700:3034::6815:1362
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: yfuh.ningutengo.com
URL: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:50:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P20RRDFYBD75KJTH
age: 6827
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VJybkA0qKPGeVBjNnVPCiY0PdRvx78kCWv2CXlXsf7NMuEZTJmvmd5FbzdRBuUh146a76frtKanQwtMXeNKQSg==
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLYwV2i8%2FsaqzhVkrQCDC33D%2Ftv4%2B1BCo22Pzl4CXtbvhxqrfrjeptjr9XL60lDU90YFJPZg8baxKCvPU%2B%2BlQRBw1kY5Od14kEtk5zS8aAJ5%2FgUnU%2Bz%2FRTaYrMvqYvaBGGQZn5gVtPKXM3lmRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8477a74469ef0a58-AMS

GET
H2 200 / Show response
uzi.tguzi.com/ 8 KB
3 KB 396ms
130ms Document
text/html 67.212.173.76
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=c7594bbb&cid=pubef41f4df526d4b1f96d265c765931bad&2=pubid
Requested by: Host: yfuh.ningutengo.com
URL: https://yfuh.ningutengo.com/rc/7edf752b35?pubid=pubid&affclick=9077643309794633874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.3.1
Resource Hash: bf77f424368c850829ba8bc6e188acada9fb8ddae7b93b891ef796668a5263fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 14:50:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.3.1

GET
H2 200 Primary Request proc.php
uzi.tguzi.com/ 2 KB
1 KB 128ms
127ms Document
text/html 67.212.173.76
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uzi.tguzi.com/proc.php?1b2bba095a748cbc79fec28734564b8938be30d1
Requested by: Host: uzi.tguzi.com
URL: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=c7594bbb&cid=pubef41f4df526d4b1f96d265c765931bad&2=pubid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: server04.com-2.mobi
Software: nginx / PHP/8.3.1
Resource Hash

Request headers

Referer: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=c7594bbb&cid=pubef41f4df526d4b1f96d265c765931bad&2=pubid
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 14:50:59 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v111304.qeh8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7325450946824110095&pub=20961&pid=20961-45b4929d-c0fb8912&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.3.1

GET go.php
v111304.qeh8.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=mPUKYUsQVCFoBb-R&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fbbcnews-lzbcsl.videosusa0.xyz%2F&lact=266&cl=598696019&mos=0&volume=100&cbr=Chrome&cbrver=120.0.6099.224&c=WEB_EMBEDDED_PLAYER&cver=1.20240115.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=630&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153868%2C23095%2C53633%2C84737%2C19570%2C6118%2C9541%2C1089%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C8128%2C11466%2C4683%2C1360%2C8314%2C280%2C2008%2C4552%2C4881%2C145%2C1089%2C3864%2C6675%2C3001%2C1473%2C1598%2C23%2C3437%2C1908%2C1&muted=0&docid=mwKJfNYwvm8

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: v111304.qeh8.com
URL: https://v111304.qeh8.com/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7325450946824110095&pub=20961&pid=20961-45b4929d-c0fb8912&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: t3NIsCS_ihY
.youtube.com/	1970-01-20 22:05:41	Name: VISITOR_INFO1_LIVE Value: lmnty9pj4RY
yfuh.ningutengo.com/	1970-01-20 17:56:34	Name: AWSALB Value: 0sOAsNYBBHHDv8+uMxEvwCcZ4FsqkorxEcUy7+IUxi3JAyiv4fODPu8M4C8rFSHXRzJvnSxEOUKZ8eqCaVWQHHdb/2Ka78R+Z1s9ZTlE3zncpIWIwipN7L+/Na76

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bbcnews-lzbcsl.videosusa0.xyz/(Line 20) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

asdfdgf.s3.us-east-2.amazonaws.com
bbcnews-lzbcsl.videosusa0.xyz
cchcontent.com
cdn.addlnk.com
corbatica.vip
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lacabrahd.com
links-api.lat
my.contentrightnow.com
play.google.com
static.doubleclick.net
uzi.tguzi.com
v111304.qeh8.com
whos.amung.us
www.cimentbuilder.one
www.google.com
www.gstatic.com
www.youtube.com
yfuh.ningutengo.com
yt3.ggpht.com
play.google.com
v111304.qeh8.com
www.youtube.com
154.12.254.12
154.53.45.45
209.126.85.168
2606:4700:10::ac43:88d
2606:4700:3034::6815:1362
2a00:1450:4001:802::2016
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a06:98c1:3120::3
51.68.81.31
52.219.84.192
64.227.23.114
67.212.173.76
67.212.184.147
125f5d905fb1b5680e48815b8ce371370200f42f4ff4437c8129c33329d160f2
1515b988fb1fab95f3ba07b215b8fc214e6834106caf76452ad83045ddc73d5e
179309bf08bff049892bed10fc2822999790ef46eb3eeea22611ade0d7ed605b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40131d53a77d66d287d7ad6dbbcb7fd0a1eb16f024c337a8d388101b3e4ee76c
41a31c8fe26e9539eff565fe64a8acc27c35359e8ab2d194f9690297adbde1ae
449dffcc02bb5a08f9cff4b8659eef5511bdb979490fd3ce61e5e8004ff0df44
4705b08554737304314e33fe8476a5588416906db2a32b1d3e217c1c6d9312ea
49104223627200e65966dc89d1648e3725bf29e70e8474e1f488a412e8abaef4
4b66593560d537065add41c948774351ec294a253dfee531b12c3870344741db
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65cd9fe803c67f0c4236805273a0453daf900d7006170c8cf38ebb8cde1b2f37
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
844c795a2c950b14d89cd49d2128dc1328787b0f08ceee2489a5922b331a0319
b5bd78b5b3645f9c790484f240ed5a17885bc3fc4c6583b32882e4f43f2572d3
bcc9daa8cccb674c41f4d0b0fe433f44d1529457b345ab46c0c370519fb3efce
bf77f424368c850829ba8bc6e188acada9fb8ddae7b93b891ef796668a5263fb
c242607d4a58b6dc9377975f7111b5e4bd194005a72764c2fb3c15e6a7059847
d58a5a4bc78f9e619c67ed7d129314018ccc3a4cb334732b73eb1dd93ce11733
dfcf56d8662e3b5b4dfb7f985b345971d76b97d5e99f985e72d22b18620d0dec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
fe65faef556bfc4f04e6f7455ea9e228742e697170990bbe4ae27c55a64f9857

uzi.tguzi.com Open in urlscan Pro 67.212.173.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

84 %HTTPS

60 %IPv6

20 Domains

23 Subdomains

20 IPs

3 Countries

2868 kBTransfer

3698 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uzi.tguzi.com Open in urlscan Pro
67.212.173.76 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

84 %
HTTPS

60 %
IPv6

20
Domains

23
Subdomains

20
IPs

3
Countries

2868 kB
Transfer

3698 kB
Size

3
Cookies

38 HTTP transactions
1 data transactions