my.contentrightnow.com Open in urlscan Pro
67.212.184.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsusaint-cslkmu.ow1n.xyz/
Effective URL:
https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60...
Submission: On November 19 via api (November 19th 2023, 2:35:46 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 14 domains to perform 27 HTTP transactions. The main IP is 67.212.184.147, located in and belongs to . The main domain is my.contentrightnow.com.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time my.contentrightnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	89.117.52.33 89.117.52.33	51167 (CONTABO) (CONTABO)
2	209.126.85.168 209.126.85.168	40021 (NL-811-40021) (NL-811-40021)
6	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	154.53.45.45 154.53.45.45	40021 (NL-811-40021) (NL-811-40021)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.110.202 52.219.110.202	16509 (AMAZON-02) (AMAZON-02)
1 1	64.227.23.114 64.227.23.114	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	67.212.184.147 67.212.184.147	() ()
27	15

2 89.117.52.33 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: ip-33-52-117-89.static.contabo.net

newsusaint-cslkmu.ow1n.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.126.85.168 (United States)

ASN40021 (NL-811-40021, US)
PTR: vmi964601.contaboserver.net

lacabrahd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
admin3.jpanel.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.53.45.45 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1503034.contaboserver.net

links-api.lat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.110.202 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

newsamericans89.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.23.114 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

country.contentrightnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.212.184.147 (None, )

ASN- ()

my.contentrightnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	998 KB
3	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	32 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	contentrightnow.com 1 redirects country.contentrightnow.com my.contentrightnow.com	4 KB
2	amung.us whos.amung.us — Cisco Umbrella Rank: 16137	60 B
2	gstatic.com fonts.gstatic.com www.gstatic.com Failed	31 KB
2	ow1n.xyz 1 redirects newsusaint-cslkmu.ow1n.xyz	1 KB
1	jpanel.me admin3.jpanel.me	448 B
1	amazonaws.com newsamericans89.s3.us-east-2.amazonaws.com	1 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	25 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	links-api.lat links-api.lat
1	lacabrahd.com lacabrahd.com	2 KB
27	14

	Domain	Requested by
6	www.youtube.com	newsusaint-cslkmu.ow1n.xyz www.youtube.com
3	jnn-pa.googleapis.com	www.youtube.com
2	whos.amung.us
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	newsusaint-cslkmu.ow1n.xyz	1 redirects
1	my.contentrightnow.com	admin3.jpanel.me
1	country.contentrightnow.com	1 redirects
1	admin3.jpanel.me	newsamericans89.s3.us-east-2.amazonaws.com
1	newsamericans89.s3.us-east-2.amazonaws.com	newsusaint-cslkmu.ow1n.xyz
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	links-api.lat	newsusaint-cslkmu.ow1n.xyz
1	lacabrahd.com	newsusaint-cslkmu.ow1n.xyz
0	www.gstatic.com Failed	www.youtube.com
27	17

This site contains no links.

Subject Issuer	Validity	Valid
*.ow1n.xyz R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
lacabrahd.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
webdisk.links-api.lat R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-09-17`	a year	crt.sh
admin3.jpanel.me cPanel, Inc. Certification Authority	`2023-10-30` - `2024-01-28`	3 months	crt.sh
my.contentrightnow.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60a57a48286df3e1938740991b&data4=84.19.175.184&1=6508
Frame ID: 2D3C48F32885DDB6A02A4888F32D26D9
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cl3b7dDBLpo
Frame ID: 4A6C6A653C78366B9DC854627D4B7BAA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click "Allow" To Continue

Page URL History Show full URLs

http://newsusaint-cslkmu.ow1n.xyz/ HTTP 301
https://newsusaint-cslkmu.ow1n.xyz/ Page URL
https://newsamericans89.s3.us-east-2.amazonaws.com/youtube.html Page URL
https://country.contentrightnow.com/?k=a15e9e0bb244f36d663f52963d76532f&type=mainstream&subtype=global&data1=wander HTTP 302
https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream... Page URL

Page Statistics

27
Requests

85 %
HTTPS

60 %
IPv6

14
Domains

17
Subdomains

15
IPs

2
Countries

1114 kB
Transfer

3536 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsusaint-cslkmu.ow1n.xyz/ HTTP 301
https://newsusaint-cslkmu.ow1n.xyz/ Page URL
https://newsamericans89.s3.us-east-2.amazonaws.com/youtube.html Page URL
https://country.contentrightnow.com/?k=a15e9e0bb244f36d663f52963d76532f&type=mainstream&subtype=global&data1=wander HTTP 302
https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60a57a48286df3e1938740991b&data4=84.19.175.184&1=6508 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://newsusaint-cslkmu.ow1n.xyz/ HTTP 301
https://newsusaint-cslkmu.ow1n.xyz/

Request Chain 10

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
newsusaint-cslkmu.ow1n.xyz/
Redirect Chain

http://newsusaint-cslkmu.ow1n.xyz/
https://newsusaint-cslkmu.ow1n.xyz/

1 KB
1 KB

106ms
38ms

Document
text/html

89.117.52.33
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://newsusaint-cslkmu.ow1n.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.117.52.33 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: ip-33-52-117-89.static.contabo.net
Software: nginx/1.24.0 / PHP/8.2.4
Resource Hash: 41e4bd26ac0cd971dcae1cf22ac3e492d64e96462805ca78c209213db06312bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1072
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Nov 2023 14:35:41 GMT
Server: nginx/1.24.0
X-Powered-By: PHP/8.2.4

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Sun, 19 Nov 2023 14:35:41 GMT
Location: https://newsusaint-cslkmu.ow1n.xyz/
Server: nginx/1.24.0

GET
H/1.1 200
OK fbmultiplepais Show response
lacabrahd.com/api/scripts/ 2 KB
2 KB 731ms
277ms Script
application/javascript 209.126.85.168
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://lacabrahd.com:3069/api/scripts/fbmultiplepais?contador=alexito47k&owner=alexitoh&isbot=false&before=true&selectedcountry=
Requested by: Host: newsusaint-cslkmu.ow1n.xyz
URL: https://newsusaint-cslkmu.ow1n.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.85.168 , United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi964601.contaboserver.net
Software: / Express
Resource Hash: 00586a1635fd7bb5db8f90175f5df7992522b03006f08aefcb08a014ed0ed124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsusaint-cslkmu.ow1n.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 19 Nov 2023 14:35:41 GMT
Connection: keep-alive
X-Powered-By: Express
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 cl3b7dDBLpo Show response
www.youtube.com/embed/ Frame 4A6C 90 KB
40 KB 149ms
96ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cl3b7dDBLpo

Requested by

Host: newsusaint-cslkmu.ow1n.xyz
URL: https://newsusaint-cslkmu.ow1n.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286287cdc374d185def92cd66b10f80e5512eb5b77cd1ae0d1fdf0688b4301db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsusaint-cslkmu.ow1n.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 14:35:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 404
Not Found data.php
links-api.lat/src/ 0
0 449ms
139ms Image
text/html 154.53.45.45
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links-api.lat/src/data.php
Requested by: Host: newsusaint-cslkmu.ow1n.xyz
URL: https://newsusaint-cslkmu.ow1n.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 154.53.45.45 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1503034.contaboserver.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsusaint-cslkmu.ow1n.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 www-player.css
www.youtube.com/s/player/190c935f/ Frame 4A6C 378 KB
48 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cl3b7dDBLpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48795
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Nov 2024 14:26:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A6C 15 KB
16 KB 99ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 227325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4A6C 15 KB
15 KB 104ms
28ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 322454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:01:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 4A6C 57 KB
18 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65030c1bb33a7d3b00574b46d56c6fefc6e4430bf4f2b23de425078585c0ec50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cl3b7dDBLpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 118986
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17875
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Nov 2024 05:32:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/190c935f/www-embed-player.vflset/ Frame 4A6C 322 KB
96 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cl3b7dDBLpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 13:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98594
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 18 Nov 2024 13:14:49 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 4A6C 2 MB
763 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65d9d35ac0df81d0440f783d9ff8a084b17c6aa133228424f468eb240c085a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cl3b7dDBLpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 04:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 781301
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Nov 2024 04:19:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4A6C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
243 B

30ms
29ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

193cd75f1edf34355db36f42f186cbfa73f8ce4bc4bcfe1954385db7e3551449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 19 Nov 2023 14:35:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4A6C 29 B
495 B 87ms
23ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:35:30 GMT
x-content-type-options: nosniff
age: 11
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 19 Nov 2023 14:50:30 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 89ms
30ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 19 Nov 2023 14:35:41 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A6C 71 KB
32 KB 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5290b1e2554f26eb5b8ce9100484e012cf12590c875be193ad53724544e0e8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 19 Nov 2023 14:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32739
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/ Frame 4A6C 116 KB
33 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266f10bcd8445642b63ba1729f7ef7c99816684782ccf290eb924d3c675e5072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cl3b7dDBLpo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:01:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33664
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 02:47:17 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 17 Nov 2024 11:01:02 GMT

GET
H2 200 lYY52XQrUlH64Wh-f-QMzQSikq1nuSlNPE5Z4_DU2e4.js Show response
www.google.com/js/th/ Frame 4A6C 39 KB
15 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/lYY52XQrUlH64Wh-f-QMzQSikq1nuSlNPE5Z4_DU2e4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/190c935f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

958639d9742b5251fae1687e7fe40ccd04a292ad67b9294d3c4e59e3f0d4d9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15149
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Nov 2024 10:47:25 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/cl3b7dDBLpo/ Frame 4A6C 25 KB
25 KB 115ms
23ms Image
image/webp 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/cl3b7dDBLpo/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37cd37b363c2ed377c84fcb663045214ad371825c00e77688ec1d9b802d4249f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:31:06 GMT
x-content-type-options: nosniff
age: 275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25270
x-xss-protection: 0
server: sffe
etag: "1541095309"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 19 Nov 2023 16:31:06 GMT

GET
DATA 200
OK truncated
/ Frame 4A6C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pZG_3NR0sJxfI53myVzQ_OjFh5ya0uU-fWOLja_oR12TnHiWk7JktAB5HqSeLb7Ua7-J1VOF_Q=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4A6C 3 KB
3 KB 94ms
23ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/pZG_3NR0sJxfI53myVzQ_OjFh5ya0uU-fWOLja_oR12TnHiWk7JktAB5HqSeLb7Ua7-J1VOF_Q=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cl3b7dDBLpo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bb17b4a6ea7bb6c1396fffcfbb116d5e08c6a79db6fe123df4ebc6a74e3ea851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 13:43:40 GMT
x-content-type-options: nosniff
age: 3121
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3042
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 20 Nov 2023 13:43:40 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 30ms
29ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 19 Nov 2023 14:35:42 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4A6C 0
0

GET cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4A6C 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 4A6C 0
0

GET
H2 200 /
whos.amung.us/pingjs/ 32 B
32 B 212ms
144ms Image
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=alexito47k&t=La%20Chancla&c=s&x=https://google.com/&y=https://google.com/&a=-1&d=0&v=27&r=817
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsusaint-cslkmu.ow1n.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:35:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82892e647e935d92-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 /
whos.amung.us/pingjs/ 28 B
28 B 210ms
142ms Image
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whos.amung.us/pingjs/?k=jojoog&t=Drakgon%20Industries&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=5214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsusaint-cslkmu.ow1n.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:35:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82892e647e965d92-FRA
content-type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK youtube.html Show response
newsamericans89.s3.us-east-2.amazonaws.com/ 843 B
1 KB 390ms
131ms Document
text/html 52.219.110.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://newsamericans89.s3.us-east-2.amazonaws.com/youtube.html
Requested by: Host: newsusaint-cslkmu.ow1n.xyz
URL: https://newsusaint-cslkmu.ow1n.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.110.202 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c2eddc76f70652f71fc90d4a4fcf3ba6f02d9856759576c0ed5cf012a6a4dc99

Request headers

Referer: https://newsusaint-cslkmu.ow1n.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 843
Content-Type: text/html
Date: Sun, 19 Nov 2023 14:35:44 GMT
ETag: "6cd5fd0ef25bf5cef1e7dc4805a9171d"
Last-Modified: Thu, 16 Nov 2023 01:28:40 GMT
Server: AmazonS3
x-amz-id-2: HKgmK21R3jORmC0bFNWE/rE0tyAGPZk4Q0a1lK6yRUJbwB5EU+AUs3oMKESx0QsjQS+NsMzU/KY=
x-amz-request-id: JAZG5WJMZMN9962D
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK index.php
admin3.jpanel.me/manager/ 136 B
448 B 733ms
136ms Script
application/javascript 209.126.85.168
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://admin3.jpanel.me/manager/index.php?username=alexitoh&counter=alexito4k
Requested by: Host: newsamericans89.s3.us-east-2.amazonaws.com
URL: https://newsamericans89.s3.us-east-2.amazonaws.com/youtube.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.126.85.168 , United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi964601.contaboserver.net
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsamericans89.s3.us-east-2.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Nov 2023 14:35:44 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive

GET
H2

200

Primary Request / Show response
my.contentrightnow.com/
Redirect Chain

https://country.contentrightnow.com/?k=a15e9e0bb244f36d663f52963d76532f&type=mainstream&subtype=global&data1=wander
https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60a57a48286df3e1938740991b&data4=84.19.175.184&1=6508

8 KB
3 KB

787ms
158ms

Document
text/html

67.212.184.147

General

Check archive.org

Show headers Download Go to

Full URL: https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60a57a48286df3e1938740991b&data4=84.19.175.184&1=6508
Requested by: Host: admin3.jpanel.me
URL: https://admin3.jpanel.me/manager/index.php?username=alexitoh&counter=alexito4k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.212.184.147 -, , ASN (),
Reverse DNS
Software: nginx / PHP/8.2.12
Resource Hash: c71115c06ac7533fc06281339853e216b7157a403cfdcaeb105123d7235e0b5a

Request headers

Referer: https://newsamericans89.s3.us-east-2.amazonaws.com/youtube.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 14:35:46 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.2.12

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Nov 2023 14:35:45 GMT
Location: https://my.contentrightnow.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=be940e60a57a48286df3e1938740991b&data4=84.19.175.184&1=6508
Server: nginx/1.16.1 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Domain: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YGH2zc32B64
			.youtube.com/	1970-01-20 20:39:16	Name: VISITOR_INFO1_LIVE Value: 6DRZ52cf1wU

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://newsusaint-cslkmu.ow1n.xyz/(Line 26) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://links-api.lat/src/data.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin3.jpanel.me
country.contentrightnow.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
lacabrahd.com
links-api.lat
my.contentrightnow.com
newsamericans89.s3.us-east-2.amazonaws.com
newsusaint-cslkmu.ow1n.xyz
static.doubleclick.net
whos.amung.us
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
jnn-pa.googleapis.com
www.gstatic.com
www.youtube.com
154.53.45.45
209.126.85.168
2606:4700:10::ac43:88d
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
52.219.110.202
64.227.23.114
67.212.184.147
89.117.52.33
00586a1635fd7bb5db8f90175f5df7992522b03006f08aefcb08a014ed0ed124
193cd75f1edf34355db36f42f186cbfa73f8ce4bc4bcfe1954385db7e3551449
266f10bcd8445642b63ba1729f7ef7c99816684782ccf290eb924d3c675e5072
286287cdc374d185def92cd66b10f80e5512eb5b77cd1ae0d1fdf0688b4301db
37cd37b363c2ed377c84fcb663045214ad371825c00e77688ec1d9b802d4249f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41e4bd26ac0cd971dcae1cf22ac3e492d64e96462805ca78c209213db06312bc
5290b1e2554f26eb5b8ce9100484e012cf12590c875be193ad53724544e0e8c5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b794c3bb91599f949ed26b4cd85a2a068629b8770aee5be43d6d352f676e13e
65030c1bb33a7d3b00574b46d56c6fefc6e4430bf4f2b23de425078585c0ec50
65d9d35ac0df81d0440f783d9ff8a084b17c6aa133228424f468eb240c085a33
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
958639d9742b5251fae1687e7fe40ccd04a292ad67b9294d3c4e59e3f0d4d9ee
bb17b4a6ea7bb6c1396fffcfbb116d5e08c6a79db6fe123df4ebc6a74e3ea851
c2eddc76f70652f71fc90d4a4fcf3ba6f02d9856759576c0ed5cf012a6a4dc99
c71115c06ac7533fc06281339853e216b7157a403cfdcaeb105123d7235e0b5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f27def9acb53f27287b73f15b98b424b2227894d98f2a0c238f3e5e3b2843af2

my.contentrightnow.com Open in urlscan Pro 67.212.184.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

85 %HTTPS

60 %IPv6

14 Domains

17 Subdomains

15 IPs

2 Countries

1114 kBTransfer

3536 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

2 Console Messages

my.contentrightnow.com Open in urlscan Pro
67.212.184.147 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

85 %
HTTPS

60 %
IPv6

14
Domains

17
Subdomains

15
IPs

2
Countries

1114 kB
Transfer

3536 kB
Size

2
Cookies

27 HTTP transactions
1 data transactions