URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Submission: On March 01 via manual from JP — Scanned from FR

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2606:50c0:8001::153, located in United States and belongs to FASTLY, US. The main domain is www.romainthomas.fr.
TLS certificate: Issued by R3 on January 3rd 2024. Valid for: 3 months.
This is the only time www.romainthomas.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
18 | romainthomas.fr | www.romainthomas.fr | 1 MB
8 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 66 | 1009 KB
6 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 30; jnn-pa.googleapis.com — Cisco Umbrella Rank: 218 | 42 KB
5 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 78 KB
4 | sstic.org | static.sstic.org | 2 MB
3 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 35; static.doubleclick.net — Cisco Umbrella Rank: 259 | 1 KB
1 | ggpht.com | yt3.ggpht.com — Cisco Umbrella Rank: 231 | 2 KB
1 | ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 89 | 7 KB
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 20 KB
Total: 47 requests, 9 apex domains

Requests | Domain | Requested by
18 | www.romainthomas.fr | www.romainthomas.fr
8 | www.youtube.com | www.romainthomas.fr; www.youtube.com
4 | jnn-pa.googleapis.com | www.youtube.com
4 | static.sstic.org | www.romainthomas.fr
3 | fonts.gstatic.com | www.youtube.com; fonts.googleapis.com
2 | www.gstatic.com | www.youtube.com; www.gstatic.com
2 | googleads.g.doubleclick.net (1 redirect) | www.youtube.com
2 | fonts.googleapis.com | www.romainthomas.fr
1 | yt3.ggpht.com | www.youtube.com
1 | i.ytimg.com | www.youtube.com
1 | www.google.com | www.youtube.com
1 | static.doubleclick.net | www.youtube.com
Total: 47 requests, 12 subdomains

This site contains links to these domains.

Domain
www.blackhat.com
www.sstic.org
github.com

Subject | Issuer | Validity | Valid
www.romainthomas.fr | R3 | 2024-01-03 - 2024-04-02 | 3 months
*.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
static.sstic.org | R3 | 2024-01-28 - 2024-04-27 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
edgestatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months

This page contains 2 frames:

Primary Page: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Frame ID: C7274048093FCC46E1815D14C574BC49
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zcFg0ZJ2E_A
Frame ID: AAF56917D33A1D7A38CEC95D28BE5932
Requests: 20 HTTP requests in this frame

Page Title

Romain Thomas

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

47
Requests

96 %
HTTPS

92 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

4728 kB
Transfer

8522 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
14 KB
4 KB
Document
General
Full URL
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a1184a5479833b4216847dd42b1fbe1dada086d5577931fbb8eda4ecac00e9bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
3373
content-type
text/html; charset=utf-8
date
Fri, 01 Mar 2024 21:21:24 GMT
etag
W/"63b548bf-37e4"
expires
Fri, 01 Mar 2024 21:31:24 GMT
last-modified
Wed, 04 Jan 2023 09:37:03 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
17b73860792ed6c09ca744ccdd63ec1110d40879
x-github-request-id
670A:0E70:19880F6:19FFB22:65E246D3
x-origin-cache
HIT
x-proxy-cache
MISS
x-served-by
cache-lcy-eglc8600060-LCY
x-timer
S1709328084.049236,VS0,VE135
fa-all.min.css
www.romainthomas.fr/css/
486 KB
83 KB
Stylesheet
General
Full URL
https://www.romainthomas.fr/css/fa-all.min.css
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
5516ebc12df03cef152f52c7f87813515407e7f6dc852dfb1b5a4569ad2a541b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
b044d22781846bee6ad21a1ebe03b133bde66dc1
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
84149
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:02 GMT
server
GitHub.com
x-github-request-id
7F2E:0DFF:2E16086:2EF2085:65E246D4
x-timer
S1709328084.206696,VS0,VE127
etag
W/"63b548be-79941"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
glide.core.min.css
www.romainthomas.fr/vendor/@glidejs/glide/dist/css/
788 B
529 B
Stylesheet
General
Full URL
https://www.romainthomas.fr/vendor/@glidejs/glide/dist/css/glide.core.min.css
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
12ff32da630bfe019ae0b1556603693138cac23df8ab8a42e0372c7967916fdc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
7e9661ae9420670182762a61ae3e32fc535c684a
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
347
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
92AE:0E18:2C11028:2CE3AD9:65E246D4
x-timer
S1709328084.207363,VS0,VE101
etag
W/"63b548c0-314"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
glide.theme.min.css
www.romainthomas.fr/vendor/@glidejs/glide/dist/css/
1 KB
687 B
Stylesheet
General
Full URL
https://www.romainthomas.fr/vendor/@glidejs/glide/dist/css/glide.theme.min.css
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b30fc988f395d597dc5e3a81253d6fa9a038bc119e8aa9fe6fb3c3855bf8380e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
872ec914559d8baec710aeee1b56a0b9afffa393
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
512
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
B5DA:0E33:515B5DA:52E681F:65E246D4
x-timer
S1709328084.207497,VS0,VE125
etag
W/"63b548c0-50d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
theme.bundle.css
www.romainthomas.fr/css/
422 KB
62 KB
Stylesheet
General
Full URL
https://www.romainthomas.fr/css/theme.bundle.css
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
fb1c202b4c6a9618b437a0dc65a6dc58dbea90faf5b9d14a00cc7fdb08d224e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
abdde2cac4c6c9f30c93e87ef6a477129475d2f6
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
63067
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:02 GMT
server
GitHub.com
x-github-request-id
DBB0:32F9E7:161354:1677E8:65E246D4
x-timer
S1709328084.207378,VS0,VE138
etag
W/"63b548be-69693"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
bootstrap.min.js
www.romainthomas.fr/vendor/bootstrap/dist/js/
59 KB
16 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9e89a950ced071d28bcd0449fd5bcc500e8cf98a8438c0af94496da2b2a02d4a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
5bb43a68f71b4c48c5db8908420a78fe83bb3e34
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
16095
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
18BE:0E10:4339550:4471470:65E246D4
x-timer
S1709328084.207513,VS0,VE121
etag
W/"63b548c0-eacc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
headroom.min.js
www.romainthomas.fr/vendor/headroom.js/dist/
4 KB
2 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/headroom.js/dist/headroom.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
bd084fe66fa1ecbdcb1e80f529d9943db50cd4556acc901da2003ce272a7fae7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
32f38b03eff56fc12a2a4e710e68386d78e5f79e
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
1485
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
BBE0:0DE3:7D4F3C9:7FA449E:65E246D4
x-timer
S1709328084.207648,VS0,VE111
etag
W/"63b548c0-10bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
on-screen.umd.min.js
www.romainthomas.fr/vendor/onscreen/dist/
5 KB
2 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/onscreen/dist/on-screen.umd.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
477bb4166eb3c9bb122d3c3091a0a87e018713e809cca69fef9eab1834977c79

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
7ec541e4dab4247ef7e4b9cc8ad22dbad3aca757
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
1580
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
573C:0E66:14A8CC3:150DC49:65E246D4
x-timer
S1709328084.207183,VS0,VE107
etag
W/"63b548c0-1428"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
jarallax.min.js
www.romainthomas.fr/vendor/jarallax/dist/
15 KB
5 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/jarallax/dist/jarallax.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
4d3372431085076b2487cebb2b1de02760bc524ff58a8e3a36c648d0459b2102

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
6ea7abab1f1e42621e31d67798f61e082b0681be
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
4939
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
E23C:0DB8:16E43D7:175212F:65E246D4
x-timer
S1709328084.207174,VS0,VE118
etag
W/"63b548c0-3ad9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
smooth-scroll.polyfills.min.js
www.romainthomas.fr/vendor/smooth-scroll/dist/
6 KB
3 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
404aebb31c77fd47d55cba01deb7ca6ac6b382b55d8a096025b388f2b166bcbb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
339a94fc5822c5a79ec55be61770fdd1fb4ba446
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
2701
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
BEC4:0DB6:12C587B:1320FAA:65E246D4
x-timer
S1709328084.207162,VS0,VE115
etag
W/"63b548c0-195e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
theme.bundle.js
www.romainthomas.fr/js/
777 B
767 B
Script
General
Full URL
https://www.romainthomas.fr/js/theme.bundle.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
33bdb05d4b42f52e354261badf39cc46da25e70a2da759ee133330d7d6087241

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
2816479705b5f9dd3d97c9a289ea3fc287385cfa
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
435
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:02 GMT
server
GitHub.com
x-github-request-id
09D8:0E65:55ECE41:5781F8D:65E246D4
x-timer
S1709328084.208454,VS0,VE143
etag
W/"63b548be-309"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:31:24 GMT
glide.min.js
www.romainthomas.fr/vendor/@glidejs/glide/dist/
23 KB
7 KB
Script
General
Full URL
https://www.romainthomas.fr/vendor/@glidejs/glide/dist/glide.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
18f44ff962c3ed7571cd763b25c8630f138ab45a9acfa42bb8a14703d6769717

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
d12918950f84d2efb26e9bbac8321d24cb8a36ae
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
6740
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
573A:0E72:6B0A0E1:6D047EF:65E246D4
x-timer
S1709328084.223304,VS0,VE120
etag
W/"63b548c0-5af2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
anime.min.js
www.romainthomas.fr/js/
11 KB
5 KB
Script
General
Full URL
https://www.romainthomas.fr/js/anime.min.js
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
29da8443ee27086df3893c772e7cc3ff9620b84c
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
4884
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:02 GMT
server
GitHub.com
x-github-request-id
91C2:0E70:1988126:19FFB50:65E246D4
x-timer
S1709328084.223305,VS0,VE118
etag
W/"63b548be-2be1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
zcFg0ZJ2E_A
www.youtube.com/embed/ Frame AAF5
89 KB
39 KB
Document
General
Full URL
https://www.youtube.com/embed/zcFg0ZJ2E_A
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9da1bffe5880ecb2f13d1c5311643878aeee5f2d3bd951bcad84825ea222fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.romainthomas.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Mar 2024 21:21:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
droidguard_a_deep_dive_into_safetynet.mp4
static.sstic.org/videos2022/1080p/
54 KB
0
Media
General
Full URL
https://static.sstic.org/videos2022/1080p/droidguard_a_deep_dive_into_safetynet.mp4
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.154.171.95 , France, ASN12876 (Online SAS, FR),
Reverse DNS
piloupilou.sstic.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.romainthomas.fr/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 01 Mar 2024 21:21:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Jun 2022 12:59:16 GMT
Server
Apache
ETag
"7df518c-5e07692ba5100"
X-Frame-Options
sameorigin
Content-Type
video/mp4
Content-Range
bytes 0-132075915/132075916
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=50, max=100
Content-Length
132075916
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/
8 KB
720 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fira+Code:wght@200;400;500;600;700&display=swap
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/theme.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fdacf10c93ab7a3919378a89a7059408145a85019a69ec1fd381ec14e3dc71b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 21:21:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Mar 2024 21:21:24 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700&display=swap
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/theme.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79e32874961712e9cb9d188aa8846162af3a26923fb57a483a068f4b1a60f2fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.romainthomas.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 21:20:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Mar 2024 21:21:24 GMT
www-player.css
www.youtube.com/s/player/31eb286a/ Frame AAF5
366 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/31eb286a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af92e92bdd6eb796c55b3aab8839b33b92fd40828d2a59359c81d979e55c98c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 19:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
7057
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47553
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Mar 2025 19:23:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAF5
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:03:23 GMT
x-content-type-options
nosniff
age
303481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:03:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AAF5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 14:26:30 GMT
x-content-type-options
nosniff
age
111294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Feb 2025 14:26:30 GMT
embed.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame AAF5
54 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2aef7e90e9a2b67ed2ea1c6a1490ab31fdb7d23a7a848351178cf7a249745506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:35:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
218733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16858
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:35:51 GMT
www-embed-player.js
www.youtube.com/s/player/31eb286a/www-embed-player.vflset/ Frame AAF5
319 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e17e6c412d2159ad058eea653b9286f8617781dd517dd07b2171d669c8c7075a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 06:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
54783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97346
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Mar 2025 06:08:21 GMT
base.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame AAF5
2 MB
779 KB
Script
General
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da34e50910889df6447e4db1d3821327234c11167a1355c6dae56ff7e9f38abd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
797018
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:35:51 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
Ananda.ttf
www.romainthomas.fr/fonts/
201 KB
53 KB
Font
General
Full URL
https://www.romainthomas.fr/fonts/Ananda.ttf
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/theme.bundle.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
c9cc5b0076bd46d55580db486c53bf460e748d078e7678e51de49d8bb7275466

Request headers

Referer
https://www.romainthomas.fr/css/theme.bundle.css
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
b5ae920363f0673d6f708ecf03c73e02c23ee9f1
date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
54406
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:02 GMT
server
GitHub.com
x-github-request-id
7F04:0E7F:6B57F34:6D5B22D:65E246D4
x-timer
S1709328085.500218,VS0,VE139
etag
W/"63b548be-32544"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
fa-regular-400.woff2
www.romainthomas.fr/webfonts/
380 KB
380 KB
Font
General
Full URL
https://www.romainthomas.fr/webfonts/fa-regular-400.woff2
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/fa-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Request headers

Referer
https://www.romainthomas.fr/css/fa-all.min.css
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
138d87032949739bc5ea39b6c1ed69be9aef09d1
date
Fri, 01 Mar 2024 21:21:24 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
388900
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
51DA:32F9E7:16139F:16782A:65E246D4
x-timer
S1709328084.499991,VS0,VE170
etag
"63b548c0-5ef24"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 17:14:35 GMT
x-content-type-options
nosniff
age
360409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Feb 2025 17:14:35 GMT
fa-solid-900.woff2
www.romainthomas.fr/webfonts/
321 KB
322 KB
Font
General
Full URL
https://www.romainthomas.fr/webfonts/fa-solid-900.woff2
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/fa-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

Referer
https://www.romainthomas.fr/css/fa-all.min.css
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
813e1af5c23f601827bff318b77046d130145055
date
Fri, 01 Mar 2024 21:21:24 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
329204
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
C8CC:0DE3:7D4F41D:7FA44EF:65E246D4
x-timer
S1709328084.499806,VS0,VE120
etag
"63b548c0-505f4"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
fa-duotone-900.woff2
www.romainthomas.fr/webfonts/
420 KB
421 KB
Font
General
Full URL
https://www.romainthomas.fr/webfonts/fa-duotone-900.woff2
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/fa-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
6f28dce91f45bc4687582137bb5d82d9771efc774e3b2b83c30018469d191ad8

Request headers

Referer
https://www.romainthomas.fr/css/fa-all.min.css
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
c4376a6a9884b255cb29bb7fe03f701492e072e1
date
Fri, 01 Mar 2024 21:21:24 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
430200
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
9C66:0E10:43395AC:44714B6:65E246D4
x-timer
S1709328084.499660,VS0,VE142
etag
"63b548c0-69078"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
fa-brands-400.woff2
www.romainthomas.fr/webfonts/
103 KB
104 KB
Font
General
Full URL
https://www.romainthomas.fr/webfonts/fa-brands-400.woff2
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/css/fa-all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28

Request headers

Referer
https://www.romainthomas.fr/css/fa-all.min.css
Origin
https://www.romainthomas.fr
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id
0223fd3e738213dca16c69983beaf53b83c865f2
date
Fri, 01 Mar 2024 21:21:24 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
105768
x-served-by
cache-lcy-eglc8600060-LCY
last-modified
Wed, 04 Jan 2023 09:37:04 GMT
server
GitHub.com
x-github-request-id
C8E2:32F9E7:16139F:167829:65E246D4
x-timer
S1709328084.499561,VS0,VE121
etag
"63b548c0-19d28"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Mar 2024 21:31:24 GMT
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
droidguard_a_deep_dive_into_safetynet.mp4
static.sstic.org/videos2022/1080p/
86 KB
0
Media
General
Full URL
https://static.sstic.org/videos2022/1080p/droidguard_a_deep_dive_into_safetynet.mp4
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.154.171.95 , France, ASN12876 (Online SAS, FR),
Reverse DNS
piloupilou.sstic.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.romainthomas.fr/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range
bytes=129859584-

Response headers

Date
Fri, 01 Mar 2024 21:21:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Jun 2022 12:59:16 GMT
Server
Apache
ETag
"7df518c-5e07692ba5100"
X-Frame-Options
sameorigin
Content-Type
video/mp4
Content-Range
bytes 129859584-132075915/132075916
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=50, max=100
Content-Length
2216332
X-XSS-Protection
1; mode=block
id
googleads.g.doubleclick.net/pagead/ Frame AAF5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e6c8398644532a9c1f73da38e0cc408dc48287c6702c3fe5c2a7190656bfde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 01 Mar 2024 21:21:24 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame AAF5
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 21:15:40 GMT
x-content-type-options
nosniff
age
344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Mar 2024 21:30:40 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 01 Mar 2024 21:21:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AAF5
87 KB
40 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13651b6b76f340d4e8d1c476599a47a73e6dd090295ce34ef11f773ee3c6e9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40793
x-xss-protection
0
remote.js
www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/ Frame AAF5
118 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a3601d494cc044b3e00e6e753b9e19534d338a2a0652581e75916f71a0b795c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 08:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
218566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Feb 2025 08:38:38 GMT
QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js
www.google.com/js/th/ Frame AAF5
51 KB
20 KB
Script
General
Full URL
https://www.google.com/js/th/QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 10:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
40583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19860
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 10:05:01 GMT
hqdefault.webp
i.ytimg.com/vi_webp/zcFg0ZJ2E_A/ Frame AAF5
6 KB
7 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/zcFg0ZJ2E_A/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88906e1a990100705c944769215db44465f083fc5cba87475b8765b1f396e515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
x-content-type-options
nosniff
server
sffe
etag
"1663186454"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6608
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Mar 2024 23:21:24 GMT
truncated
/ Frame AAF5
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
AIdro_lBOofKCN-f146-8sf5mCN6_-eK_0XXEAafkL_kJA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame AAF5
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AIdro_lBOofKCN-f146-8sf5mCN6_-eK_0XXEAafkL_kJA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6c76790c14fecf58042802ad30053cf76dbc94784badf56ef8c82f51b6142576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 17:50:40 GMT
x-content-type-options
nosniff
age
12644
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1846
x-xss-protection
0
server
fife
etag
"v12d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 02 Mar 2024 17:50:40 GMT
droidguard_a_deep_dive_into_safetynet.mp4
static.sstic.org/videos2022/1080p/
0
0

droidguard_a_deep_dive_into_safetynet.mp4
static.sstic.org/videos2022/1080p/
2 MB
2 MB
Media
General
Full URL
https://static.sstic.org/videos2022/1080p/droidguard_a_deep_dive_into_safetynet.mp4
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.154.171.95 , France, ASN12876 (Online SAS, FR),
Reverse DNS
piloupilou.sstic.org
Software
Apache /
Resource Hash
100184e8ea230ef73e43be70a4cba188935c950255d6362826992a69a36a26df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.romainthomas.fr/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range
bytes=129925120-

Response headers

Date
Fri, 01 Mar 2024 21:21:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Jun 2022 12:59:16 GMT
Server
Apache
ETag
"7df518c-5e07692ba5100"
X-Frame-Options
sameorigin
Content-Type
video/mp4
Content-Range
bytes 129925120-132075915/132075916
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=50, max=100
Content-Length
2150796
X-XSS-Protection
1; mode=block
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame AAF5
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 21:21:24 GMT
generate_204
www.youtube.com/ Frame AAF5
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?JpHiCA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zcFg0ZJ2E_A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Fri, 01 Mar 2024 21:21:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame AAF5
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/player_ias.vflset/fr_FR/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5fff8df05f0599caef34d958c0306fc6f6dab608e94e357540ddfe1412f1167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Fri, 01 Mar 2024 21:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/122/ Frame AAF5
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/122/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 07:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14711
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 16:03:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 02 Mar 2024 07:32:29 GMT
droidguard_a_deep_dive_into_safetynet.mp4
static.sstic.org/videos2022/1080p/
133 KB
0
Media
General
Full URL
https://static.sstic.org/videos2022/1080p/droidguard_a_deep_dive_into_safetynet.mp4
Requested by
Host: www.romainthomas.fr
URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.154.171.95 , France, ASN12876 (Online SAS, FR),
Reverse DNS
piloupilou.sstic.org
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.romainthomas.fr/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range
bytes=32768-

Response headers

Date
Fri, 01 Mar 2024 21:21:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 02 Jun 2022 12:59:16 GMT
Server
Apache
ETag
"7df518c-5e07692ba5100"
X-Frame-Options
sameorigin
Content-Type
video/mp4
Content-Range
bytes 32768-132075915/132075916
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=50, max=99
Content-Length
132043148
X-XSS-Protection
1; mode=block
log_event
www.youtube.com/youtubei/v1/ Frame AAF5
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31eb286a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time
1709328086696
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/zcFg0ZJ2E_A
X-YouTube-Client-Version
1.20240227.01.00
X-YouTube-Time-Zone
Europe/Paris
X-Goog-Visitor-Id
CgtyUFVxOUhFLXlxayjUjYmvBjIOCgJGUhIIEgQSAgsMICc%3D
X-YouTube-Ad-Signals
dt=1709328084529&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C962%2C541&vis=1&wgl=true&ca_type=image

Response headers

date
Fri, 01 Mar 2024 21:21:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.sstic.org
URL
https://static.sstic.org/videos2022/1080p/droidguard_a_deep_dive_into_safetynet.mp4


10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
number| uidEvent
object| bootstrap
function| Headroom
function| OnScreen
function| jarallax
function| SmoothScroll
function| Glide
object| $jscomp$this
function| anime

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: QR0GA8iCqeM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: rPUq9HE-yqk

16 Console Messages

Source Level URL
Text
other warning URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.romainthomas.fr/publication/22-sstic-blackhat-droidguard-safetynet/(Line 65)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
