ticketurf.onlc.fr Open in urlscan Pro
2606:4700:20::681a:f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ticketurf.onlc.fr/
Submission: On October 31 via manual (October 31st 2023, 2:51:58 pm UTC) from ML — Scanned from FR

Summary HTTP 67 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 67 HTTP transactions. The main IP is 2606:4700:20::681a:f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ticketurf.onlc.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time ticketurf.onlc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:6a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:56b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	172.64.147.222 172.64.147.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	104.21.20.75 104.21.20.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:ba61:0:1... 2a00:ba61:0:126::c	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
3	2a00:1450:400... 2a00:1450:4001:f::7	15169 (GOOGLE) (GOOGLE)
67	19

1 2606:4700:20::681a:f9 (United States)

ASN13335 (CLOUDFLARENET, US)

ticketurf.onlc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:6a2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.onlc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

f.eu1.jwwb.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

primary.jwwb.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:56b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.147.222 (United States)

ASN13335 (CLOUDFLARENET, US)

ticketurf.carrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.20.75 (None, )

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)

rr1---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:f::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5edn6y.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	1017 KB
10	gstatic.com fonts.gstatic.com	222 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	95 KB
7	carrd.co ticketurf.carrd.co	319 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	38 KB
5	googlevideo.com rr1---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 903526 rr2---sn-4g5edn6y.googlevideo.com — Cisco Umbrella Rank: 62865	308 KB
4	onlc.eu static.onlc.eu	33 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	10 KB
2	shorte.st cdn.shorte.st	46 KB
2	jwwb.nl 1 redirects f.eu1.jwwb.nl primary.jwwb.nl — Cisco Umbrella Rank: 240229	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	tradeadexchange.com www.tradeadexchange.com	494 B
1	zryydi.com ssp.zryydi.com
1	onlc.fr ticketurf.onlc.fr	4 KB
67	15

	Domain	Requested by
15	www.youtube.com	ticketurf.carrd.co www.youtube.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	cdnjs.cloudflare.com	ticketurf.onlc.fr
7	ticketurf.carrd.co	ticketurf.onlc.fr ticketurf.carrd.co
4	jnn-pa.googleapis.com	www.youtube.com
4	static.onlc.eu	ticketurf.onlc.fr
3	rr2---sn-4g5edn6y.googlevideo.com	www.youtube.com
3	fonts.googleapis.com	ticketurf.onlc.fr cdnjs.cloudflare.com ticketurf.carrd.co
2	rr1---sn-apaapm4g-apae.googlevideo.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	cdn.shorte.st	ticketurf.onlc.fr cdn.shorte.st
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.tradeadexchange.com	cdn.shorte.st
1	ssp.zryydi.com	cdn.shorte.st
1	primary.jwwb.nl	ticketurf.onlc.fr
1	f.eu1.jwwb.nl	1 redirects
1	ticketurf.onlc.fr
67	19

This site contains links to these domains. Also see Links.

Domain
ai.onlinecreation.pro
www.onlinecreation.me
shorte.st

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
carrd.co Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
zryydi.com E1	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tradeadexchange.com E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-17` - `2023-12-26`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://ticketurf.onlc.fr/
Frame ID: 771B4F9981238CE501624884A85CB264
Requests: 21 HTTP requests in this frame

Frame: https://ticketurf.carrd.co/
Frame ID: F57A4A4EDCB43FE0A7A62974451F86E2
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
Frame ID: C5C8DC6EC67E33C5340973737A97D9AE
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ticketurf

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

79 %
IPv6

15
Domains

19
Subdomains

19
IPs

4
Countries

2109 kB
Transfer

5123 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ai.onlinecreation.pro/
Title: Publicité servant à financer l'hébergement de ce site 🤖 Une Intelligence Artificielle français révolutionnaire d'une facilité extrême qui ridiculise les géants du secteur ! 🇫🇷 Découvrez AI•, votre assistant d'automatisation de texte et d'images! Laissez l'intelligence artificielle transformer vos idées en réalités visuelles. Pas besoin d'être un expert, AI• est à la portée de tous. Commencez dès maintenant!

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/?p=ticketurfNDD
Title: Site créé gratuitement grâce à OnlineCreation.me

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/mentionslegalessites.php?NomSite=ticketurfNDD
Title: Tous droits réservés

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/abuse.php?NomSite=ticketurfNDD
Title: Abuse

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=ticketurf.onlc.fr&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://f.eu1.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png HTTP 301
https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

Request Chain 41

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ticketurf.onlc.fr/ 10 KB
4 KB 122ms
57ms Document
text/html 2606:4700:20::681a:f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d34fa358258bf31fc8c74a79dbcfa3bd717d25d12a40d54b2d9ee69cd4d341

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: https://www.onlinecreation.me
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ecb7f8fcc70157-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 14:51:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz9y2MyOCx9PnK90ZbQ6CixO0Bb%2FO7tuzPs%2FKt0Gll4w3Gz%2FTCViZK55S5BnABP2rzbEN03gXDZ%2F4adyjT9g70NogaxFpZt6SeWjKbTYW8PUpWewCeYtPlE2OkTmAtYUVUnUxFEgy%2FEs%2FNpT59gv"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 82 KB
26 KB 81ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1204254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26646
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI8O7VDnvBlmpsS7ibkKIiCe0hf4X23nwjgBg8CxR6n7qfJv7pBzxs%2BKHXMCgN0eLLBiQHg%2BnqDose4HG6BH1Oh9m%2B5QVcv%2BxYlFfzCjr3VK701%2FzgMH19ZoZX1H%2BF8yWhhgu4eq4IqcQtfPkEyaasAT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9aa2203fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/ 7 KB
3 KB 79ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15536503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2687
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-1c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTgMo2b9WkBD6mMRFh11b%2FXK4AgLDH0s8BRDHzVcx4l0WBGwNab6%2B0M7dFpMrhG85BkSAQ8fVHveGLFPGCFYYXQQf%2BBSCvEp2VZafSdPPUd%2BsQ%2FWf0XH62howFWe0X0xPTPmW6iakDDWOVtkNZsGDptt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9aa2103fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 89 KB
4 KB 137ms
77ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

960ffb23b887779d6f02c9fd745a8b2cd1ba8bdc15415a55e35d6daca4ada8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 14:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:51:53 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/ 120 KB
16 KB 75ms
30ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 601098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16223
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1deac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSTQpQcICoFFwo6tGJlsqJ98UWskoj0MGKVoEbIXH%2FrfBBSn629ET0hhpUADIXbqYaYtG3YYEtcmLy7PKP%2FLskIbC%2B%2F2dr997Q%2FtuJXyJOovwdZc30mibKxHXeU9ZcryfZDvPUrfDPmsPj3vqXiPxiHC"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9aa1e03fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/ 125 KB
17 KB 76ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/bootstrap.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22da8d88b991a65fbe510fd298a0bbf96e561f2e0bd286aa0af381b5bd8b72ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 603612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16909
last-modified: Mon, 04 May 2020 16:06:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d90-1f4c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOOdb5TD3fhx0FODG1Jw54iIxeUJJXYbFPMlDZjw8ZS2VL4nm5HdWBVLUU95iYfeYlACE%2FTwV%2Fr1fqQUgU3f4Q%2F777CGfUSMqr9D2HlRu1BR%2Bjx5CNxjzEq16ye8h5CKLR%2F47ETk2vu3vJWer2qo2jlG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9aa1f03fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 74ms
29ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14248595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4972
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1LL255hC76YxVNfvi9CAqwP%2F%2FQB1XYvG4cMkVe%2FqPvjSkA12aWBgwM88xbpwLAmsbv7TdFDMei0t%2BfrBFgCTBEtJBq1RN17V8rqx2m644s%2FNL7l7NdDIfhkIYJ1MSnZ%2Balmr8XKXgU45PBrAbx9FwCS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9aa2003fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 vanilla_bigfooter.css
static.onlc.eu/designs/bootstrap/contents/ 403 B
766 B 95ms
26ms Stylesheet
text/css 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/contents/vanilla_bigfooter.css
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff728822fc51255ff253b4b8555782eaf2e35d9fa2ef9b905ce3f570197f621

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5817
cf-polished: origSize=512
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 18:10:51 GMT
server: cloudflare
etag: W/"925758259"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSSKYS9qUM3LM17j56UqwRLYKy2VXEeMAl3V7f5KoofWd5WxQf2C9QibxpzRc%2Fq5S1zi6RMv3fbJaLrRfN6LLqB8TEw1gQqzLXusmiafPC6DMjkmwO7hgbIFv9FHpeAptAPg4GkARERkiL7g"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecb7f9c8c73c8c-CDG

GET
H2 200 pills.css
static.onlc.eu/designs/bootstrap/menus/ 387 B
538 B 121ms
52ms Stylesheet
text/css 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/menus/pills.css
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83d8cd0c14bccf28c8c3f780b50e3879952e7e9eea8af16cbdec8635d82de08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=478
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Feb 2016 18:09:02 GMT
server: cloudflare
etag: W/"864654470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDtzj4ND2ZavMncZtBvXJ7iCgJnDFKnPaClW%2FY04Gc4qP21FRGsP0r7sSlP3F3TayQiJsysdsQL81Fi4B22QMmg8TlyLlOslCDpNEDCgy8wM1F8F2EVby7SzIFrkv3aetIaNYPJMU0FvA7iP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecb7f9c8c83c8c-CDG

GET
H2 200 mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 17 KB
3 KB 76ms
32ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14492455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2265
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-4392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFDiALiof4Rsu3jW2vvMHe96AmHOdKHqSS7NfDOrUxeulCnCI9Kw5ZhX4oLHJx9Nf8Xyy97BJEPFIJZ%2BAI7lCwTk5kwaEJEpA%2Fss1dYkbulJvGl0O2u93jMbSM13Sh34iTaatC3DmlkDUE%2BoOfV0d86C"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9af09f0df-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 61 KB
15 KB 78ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 15178968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15089
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-f42f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESuV2FKm6ISvtMAtXWWlk1q0cos3dEMyOkgHPr5MkwsGWajZQ8YMTxLl2McK09uRor7irTwYU8A0gEJeRut1I2GgF0M%2BcDgK8QL5zZ7p7FmoVxD5g4jaHIU1xwlnM2g3R7VWx4gc1vCyT1v61bE1n5fD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9af0df0df-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2

200

Pmubann.png
primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/
Redirect Chain

https://f.eu1.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png
https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

1 KB
1 KB

58ms
19ms

Image
image/webp

151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Server

151.101.1.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9041530bf582d9ce662f425bdf07bad4dfdaadb41830f4ef8e1b46a3b216d69d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
server: UploadServer
age: 1047733
etag: "dJB/VVzLnXEGWDRZjqAFiLi4Ps5A+OwrDx0TXdLSWys"
x-goog-meta-fl-original-last-modified: 2020-11-30T16:04:45Z
vary: Accept
content-type: image/webp
fastly-io-info: ifsz=1430 idim=329x20 ifmt=png ofsz=1048 odim=329x20 ofmt=webp
cache-control: public, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1048

Redirect headers

x-served-by: cache-lcy-eglc8600068-LCY
date: Tue, 31 Oct 2023 14:51:53 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698763913.286332,VS0,VE0
x-cache: HIT
location: https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/ 36 KB
9 KB 51ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18040544
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8641
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-8fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9Yny1x1R7aNU9dcOoD0r0Fb6Quub8X1hJPTmWSKLicL6Khboh7E5skNaoc9%2Fh3Ss%2Fz4RCg800bPyKyDG7AUhfuz3sZV7edkLD5FjjQYdHKJYbYUeKku4YRi76%2BSbyxsh1JO2u1zRf5RGyphQxeM5SGA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecb7f9ea7603fb-CDG
expires: Sun, 20 Oct 2024 14:51:53 GMT

GET
H2 200 images-sizer.js Show response
static.onlc.eu/designs/bootstrap/scripts/ 465 B
595 B 32ms
31ms Script
application/javascript 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/scripts/images-sizer.js
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76239ac4f24cf0979baa27e7a5a25c712ebc3c7c5934754c19358c2e96afc5c5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 920
cf-polished: origSize=620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 13:48:36 GMT
server: cloudflare
etag: W/"3994891144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Biyuo4IEQoIcr85sQ2wKkndjFutTVxhcJvCkAQ9pH1AmDkL82%2Fb6vi1h%2BgEOEEyz0q0qh8aJaot6RkIcW42x9NXUhKr5JXOgdOek%2Bi%2BmW3sdBYG9GEQ6xS6nUR%2BHyGDtRq5HI0H0B4UBUQFm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecb7fa39733c8c-CDG

GET
H2 200 css
fonts.googleapis.com/ 5 KB
774 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdnjs.cloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:03:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:51:53 GMT

GET
H2 200 link-converter.min.js Show response
cdn.shorte.st/ 116 KB
45 KB 103ms
51ms Script
application/javascript 2606:4700:20::681a:56b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 949
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5LUeHurClKG0%2BKHUBRXCkvCTryZ86CzwQxbzbYjIgzXFUSHKPXUGxL24CeYLfaeCA%2FsBqgLtINmg4P%2F7AVOTKHS9Ydn%2Fv5B5yQ0baMsOSy8W4fymPnhQYRw%2FMZlVfc3SUFcVeO6ZMaKY1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-id: shn08
cache-control: max-age=14400
cf-ray: 81ecb7fa9b44d611-CDG
expires: Tue, 31 Oct 2023 15:36:04 GMT

GET
H2 200 / Show response
ticketurf.carrd.co/ Frame F57A 31 KB
8 KB 356ms
303ms Document
text/html 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketurf.carrd.co/
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2b09c529194a3cba6460ceef689e4bc2b34ed5a8be77e9557b130c7d976c74

Request headers

Referer: https://ticketurf.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 81ecb7faa8f82a6e-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 Oct 2023 14:51:53 GMT
expires: Tue, 31 Oct 2023 14:51:53 GMT
last-modified: Mon, 30 Oct 2023 21:02:09 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 163339832361.png
static.onlc.eu/ticketurfNDD/ 30 KB
31 KB 27ms
27ms Image
image/webp 2606:4700:20::681a:6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/ticketurfNDD/163339832361.png
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f281b5cd43af5b46678768a3d7d7105e546c3afbdff2a0ec5f09dc9d5b0b8c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196
cf-polished: origFmt=png, origSize=37064
content-disposition: inline; filename="163339832361.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31056
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Oct 2021 01:45:23 GMT
server: cloudflare
etag: "3612979649"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8nEeHsTiRtjFR3sy%2B7gRV5pCqsO5UZ6NaNSceQ4HmyK74cn%2FwGwwKC34FLiT%2BYM1Rp0%2FrcMHrk5hWagabVUanAUUSrUIrBKhGtOwqlILEcPNHA6YPEpYtHh5mavlDlsG4p8GziWEq5jHp5G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81ecb7fa5960d564-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 81ms
24ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 419734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:16:19 GMT

GET
H2 404 /
ssp.zryydi.com/bid/ 0
0 683ms
630ms Script
text/html 104.21.20.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=ba935990d51070c1473f34dccb0914e4&url=https%3A%2F%2Fticketurf.onlc.fr%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1698763913438
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 34ms
34ms Stylesheet
text/css 2606:4700:20::681a:56b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM9kHz98Wmv11judf2WQ2IkqVOxYpnHa9Dvo14KyCYkp%2FjpASnh2%2FdmxknMIXigG3RwOddqy6URkkqsGqNR1Y7u2MaZFMC%2Bf65UAWuTbuasddTcgK9XgXUKBeOskCOQbdHD5cDIEJ3Y9BLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server-id: shn08
cache-control: max-age=14400
cf-ray: 81ecb7fb0bffd611-CDG
expires: Tue, 31 Oct 2023 15:46:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F57A 24 KB
1 KB 39ms
38ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Roboto+Slab:ital,wght@0,400;0,700;1,400;1,700&family=Red+Hat+Text:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Roboto:ital,wght@0,100;0,400;0,700;1,100;1,400;1,700&family=Rozha+One:ital,wght@0,400;1,400

Requested by

Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c647eebd5f54c0b6123aae7f93307f3b8d61efe9da88e462627643dce35a87c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 14:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:51:53 GMT

GET
H2 200 image05.jpg
ticketurf.carrd.co/assets/images/ Frame F57A 19 KB
19 KB 54ms
53ms Image
image/jpeg 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image05.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59d1a8b0ad29ff122aec2f40f5d87cbde1f5817d205d97b8dccf87f50b13e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 29 Oct 2023 19:09:27 GMT
server: cloudflare
age: 59309
etag: "4cf8-608dfa91830c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fc8c562a6e-CDG
content-length: 19704
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 image03.gif
ticketurf.carrd.co/assets/images/ Frame F57A 21 KB
21 KB 42ms
41ms Image
image/gif 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image03.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b242e6c66ae210740511e7719910bff0122d861698221c8a34262ee25ce5b17d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 19:43:49 GMT
server: cloudflare
age: 59309
etag: "5251-608e023f5e918"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fc8c582a6e-CDG
content-length: 21073
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 image07.gif
ticketurf.carrd.co/assets/images/ Frame F57A 739 B
903 B 32ms
31ms Image
image/gif 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image07.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbea78d5474714bd51b0195ee65be709e8cdfad9bd9b4c02f82d065b7eaa9bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 59309
etag: "2e3-601e7865a02d8"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fc9c592a6e-CDG
content-length: 739
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 image04.gif
ticketurf.carrd.co/assets/images/ Frame F57A 36 KB
36 KB 35ms
34ms Image
image/gif 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image04.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8e6c921954a15b064e7aa23783df4ffb7ea8fe3a1e1e6e5d2e8be0bbe27ee3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 59309
etag: "8e1f-601e7865b3b58"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fc9c5a2a6e-CDG
content-length: 36383
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 image01.jpg
ticketurf.carrd.co/assets/images/ Frame F57A 25 KB
25 KB 51ms
51ms Image
image/jpeg 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image01.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaef72238a71c5bfebcad0d1d17e648eb40b45951ed771c55148770e2f4d88dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 03:45:22 GMT
server: cloudflare
age: 59309
etag: "64bb-601e87e3b6898"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fc9c5b2a6e-CDG
content-length: 25787
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 XSho6acgbtE Show response
www.youtube.com/embed/ Frame C5C8 93 KB
42 KB 193ms
135ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Requested by

Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8fc5512fa1c89673f7c68811989acaffaec6866937f870ec4543431736ca766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticketurf.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-_f4VUWHravPZ78fqeTmZAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 14:51:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg.jpg
ticketurf.carrd.co/assets/images/ Frame F57A 209 KB
209 KB 36ms
35ms Image
image/jpeg 172.64.147.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/bg.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a93cbab2025cad0e835b226fc0b3978a2bcec8856d56c9cbf38dbfdc2913af1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 59309
etag: "342ea-601e786586c98"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecb7fcac802a6e-CDG
content-length: 213738
expires: Tue, 07 Nov 2023 14:51:53 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ Frame F57A 34 KB
34 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto+Slab:ital,wght@0,400;0,700;1,400;1,700&family=Red+Hat+Text:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Roboto:ital,wght@0,100;0,400;0,700;1,100;1,400;1,700&family=Rozha+One:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 20:45:18 GMT
x-content-type-options: nosniff
age: 583595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 20:45:18 GMT

GET
H2 200 RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
fonts.gstatic.com/s/redhattext/v14/ Frame F57A 27 KB
27 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhattext/v14/RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 19:00:31 GMT
x-content-type-options: nosniff
age: 417082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27980
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:17:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 19:00:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F57A 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 56986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 23:02:07 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F57A 15 KB
16 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 16:37:51 GMT
x-content-type-options: nosniff
age: 80042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 16:37:51 GMT

GET
H2 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F57A 17 KB
17 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:52:40 GMT
x-content-type-options: nosniff
age: 284353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:52:40 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F57A 17 KB
17 KB 50ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 07:27:52 GMT
x-content-type-options: nosniff
age: 372241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 07:27:52 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v15/ Frame F57A 18 KB
18 KB 59ms
59ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 24 Oct 2023 16:53:40 GMT
x-content-type-options: nosniff
age: 597493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Oct 2024 16:53:40 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/9e328581/ Frame C5C8 377 KB
48 KB 28ms
25ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48749
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 14:26:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C5C8 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 302030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 02:58:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C5C8 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 420323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:06:30 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9e328581/www-embed-player.vflset/ Frame C5C8 318 KB
95 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97578
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 14:44:44 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C5C8 2 MB
756 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 773515
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 21:06:11 GMT

GET
H2 204 display.php Show response
www.tradeadexchange.com/a/ 0
494 B 215ms
159ms Script
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=ba935990d51070c1473f34dccb0914e4&sub2=0
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahZkbEa9GwpGo6xGDelRV83zsFxb04OD7shIISi6UnRpXHQYwFLsV%2FB6YcVHlfrJngrqxekoY13eDtpejZsMrGrg%2Bkj%2BaDXX85fQ%2BqOgiDnGAQOYR6zCZukL85tdde64RaSlp8HUJXehLUP7FRNaTLElIePz8w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81ecb7ffaace0261-CDG
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame C5C8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

37ms
36ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

883764eae6d1fe2dec998a90bcf032d0e6db7afba7b6d5766173bd5f6c944e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C5C8 29 B
494 B 91ms
29ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:43:23 GMT
x-content-type-options: nosniff
age: 511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 14:58:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 98ms
32ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Oct 2023 14:51:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C5C8 68 KB
31 KB 43ms
41ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a237ecf03063b1a3c171bd274687bb4176cc2482a10060cfc0d3bdce63c79aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32009
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame C5C8 69 KB
30 KB 130ms
130ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

56007f2fe5483de1de53bddb480255bcd753e5f189590c71b7cf828d83b919a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231024.01.02
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30627
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:51:54 GMT

GET
H2 200 87YGUa-CtHzGh2dX4WqK9TGwOTgC4_iw-Ct0WwzLfDU.js Show response
www.google.com/js/th/ Frame C5C8 37 KB
15 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/87YGUa-CtHzGh2dX4WqK9TGwOTgC4_iw-Ct0WwzLfDU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b60651af82b47cc6876757e16a8af531b0393802e3f8b0f82b745b0ccb7c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14760
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 11:46:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C5C8 54 KB
17 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17018
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:29:24 GMT

GET
DATA 200
OK truncated
/ Frame C5C8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C5C8 4 KB
4 KB 97ms
38ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e2769814731a347b4da1baebf585d87a3ac7405f5637eb37f6d4afc42db142c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3895
x-xss-protection: 0
expires: Wed, 01 Nov 2023 14:51:54 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame C5C8 90 B
134 B 37ms
37ms XHR
application/json+protobuf 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4402baa4d180b8dd7dd238d5c26f5ea82e2c1280bc55e40150e1de800a71efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 35ms
35ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Oct 2023 14:51:54 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame C5C8 0
19 B 33ms
33ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&cpn=-QdGDm0JNl3qBDdk&el=embedded&ns=yt&fexp=v1%2C23848210%2C135086%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C17227%2C8461%2C9541%2C1089%2C3783%2C2094%2C394%2C3200%2C15645%2C2820%2C6%2C26417823%2C1293%2C2761%2C1253%2C677%2C5181%2C1542%2C6357%2C2289%2C737%2C2040%2C7229%2C859%2C3410%2C5836&cl=576683619&seq=1&docid=XSho6acgbtE&ei=ihRBZdGoEs-Px_AP5ta4qA4&event=streamingstats&plid=AAYJBEur63nvOTCd&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FXSho6acgbtE%3Fautoplay%3D1%26mute%3D1%26rel%3D0%26loop%3D1%26controls%3D0%26cc_load_policy%3D0%26playlist%3DXSho6acgbtE&qclc=ChAtUWRHRG0wSk5sM3FCRGRrEAE&embargoed=0&cbr=Chrome&cbrver=118.0.5993.117&c=WEB_EMBEDDED_PLAYER&cver=1.20231024.01.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.018:B,0.227:B,0.227:B&cat=streaming&cmt=0.018:0.000,0.227:0.000&vfs=0.227:243:243::r&view=0.227:260:146&bwe=0.227:130000&bat=0.227:1:1&vis=0.227:0&bh=0.227:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698763914139&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame C5C8 1 KB
2 KB 65ms
22ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1698785514&ei=ihRBZdGoEs-Px_AP5ta4qA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-ABErg8hFuhtrTbPdZogZ_8bWqm8tPjWqPNkg9VoFVNfP&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Zj&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5edn6y&ms=au%2Crdu&mv=m&mvi=1&pl=45&initcwndbps=237500&spc=UWF9f6vhLLOQcK07iBpVN9pw2kXMUGHVylfcylIIBQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=rF8_JBozZlMgQOtry1D2-zgP&gir=yes&clen=636441&dur=39.999&lmt=1676808640318824&mt=1698763755&fvip=2&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=nUGTVvLX8vdgDA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPUUMjroCq3hK050AmPrSX0xsN37ux-yGEeBx8ELyafYAiAY492l--ljbfjzCOPjZPF0rvdB8hdvCbwdBIo3JxYyWQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRgIhAKPAOYxYs8e-RCCD0LPezcqPRXCx3RBNLRRUB0amlvYQAiEAyikStnCjxFB1OHfkSK1y0pT3mBA54MhJCa828Wc-Jy4%3D&alr=yes&cpn=-QdGDm0JNl3qBDdk&cver=1.20231024.01.02&range=0-65884&rn=1&rbuf=0&pot=IjIEggSEYcMQCEflcNRV6TSyXfhGs0vWQslQ0W3IddtX80boTctH5U7FUepNwUHlRac3xg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8b3363d445e7dce6e244cbd6d3e80cb576c049e160d27ad3cca81626f8b288f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 14:51:54 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 31 Oct 2023 14:51:54 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame C5C8 1 KB
2 KB 61ms
23ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1698785514&ei=ihRBZdGoEs-Px_AP5ta4qA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-ABErg8hFuhtrTbPdZogZ_8bWqm8tPjWqPNkg9VoFVNfP&itag=250&source=youtube&requiressl=yes&mh=Zj&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5edn6y&ms=au%2Crdu&mv=m&mvi=1&pl=45&initcwndbps=237500&spc=UWF9f6vhLLOQcK07iBpVN9pw2kXMUGHVylfcylIIBQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=rF8_JBozZlMgQOtry1D2-zgP&gir=yes&clen=18403&dur=40.021&lmt=1676808632319953&mt=1698763755&fvip=2&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=nUGTVvLX8vdgDA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRAIga5Sdb0Z2zNTXp6hkJvLzGPKEE28jkVfZV1SQYvP7wYMCICwJg1aHC7XZ8PZd1LVjXi8JHcdpABF1_PR1Wz0Yg-TF&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRgIhAKPAOYxYs8e-RCCD0LPezcqPRXCx3RBNLRRUB0amlvYQAiEAyikStnCjxFB1OHfkSK1y0pT3mBA54MhJCa828Wc-Jy4%3D&alr=yes&cpn=-QdGDm0JNl3qBDdk&cver=1.20231024.01.02&range=0-18402&rn=2&rbuf=0&pot=IjJhTGFKBA11xiIrFRowJ1F8ODYjfS4YJwc1HwgGEBUyPSMmKAUiKysLNCQoDyQrIGlSCA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ceb7d07de72cf1fb633ad72bcf3198d35fede418648bd1b72dba172096be777e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 14:51:54 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 31 Oct 2023 14:51:54 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C5C8 33 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6b1baea291fdd592e3277eb5345c0b9d0707eed3370e6029e9796aa7e0b5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8353
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 20:51:41 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame C5C8 68 KB
18 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

202c54801c24c0dcd0a06cf21417fe62332416eb44aaef98dd8d0438f7db04a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18890
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:35:38 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame C5C8 8 KB
3 KB 412ms
411ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

cbbb44902daf520de410e183419c28ef4a5e0e74f96466e1cdc2aaa6ae9b010b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231024.01.02
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2669
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:51:54 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C5C8 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?o5AkMQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 videoplayback Show response
rr2---sn-4g5edn6y.googlevideo.com/ Frame C5C8 64 KB
64 KB 220ms
54ms Fetch
application/vnd.yt-ump 2a00:1450:4001:f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1698785514&ei=ihRBZdGoEs-Px_AP5ta4qA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-ABErg8hFuhtrTbPdZogZ_8bWqm8tPjWqPNkg9VoFVNfP&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=UWF9f6vhLLOQcK07iBpVN9pw2kXMUGHVylfcylIIBQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=rF8_JBozZlMgQOtry1D2-zgP&gir=yes&clen=636441&dur=39.999&lmt=1676808640318824&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=nUGTVvLX8vdgDA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPUUMjroCq3hK050AmPrSX0xsN37ux-yGEeBx8ELyafYAiAY492l--ljbfjzCOPjZPF0rvdB8hdvCbwdBIo3JxYyWQ%3D%3D&alr=yes&cpn=-QdGDm0JNl3qBDdk&cver=1.20231024.01.02&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&cmsv=e&mh=Zj&mm=29&mn=sn-4g5edn6y&ms=rdu&mt=1698763513&mv=m&mvi=2&pl=45&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRgIhAPa1IG7o-xJ3BtJ0eSbhb7IlQlN9aFTWwSdTGCQGdZwOAiEAghrYvZbgdGw-1P5y7zheOZdSACIKVHWnKaLhM-6fQUw%3D&range=0-65884&rn=3&rbuf=0&pot=Mm6V7PxLwtgvb5XU7XT0FT8lfbNfBFVgaukv-Xaa7I9_vxAWsrKzXKVz1bRbR5dVThPjeKwB4T-RzN0QHj4atRLQl3VpIE3S83Gyxw7NLTNjpZih1H1xNBY7995D6pLYg84oJlmP9beS26Wlawk6hw==&ump=1&srfvp=1&altitags=242%2C278

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b8001046c325175f624b27a3d893ea35f589c39fdbeaf570f5545ce49ea437a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 14:51:54 GMT
date: Tue, 31 Oct 2023 14:51:54 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
last-modified: Sun, 19 Feb 2023 12:10:40 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr2---sn-4g5edn6y.googlevideo.com/ Frame C5C8 18 KB
18 KB 228ms
63ms Fetch
application/vnd.yt-ump 2a00:1450:4001:f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1698785514&ei=ihRBZdGoEs-Px_AP5ta4qA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-ABErg8hFuhtrTbPdZogZ_8bWqm8tPjWqPNkg9VoFVNfP&itag=250&source=youtube&requiressl=yes&spc=UWF9f6vhLLOQcK07iBpVN9pw2kXMUGHVylfcylIIBQ&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=rF8_JBozZlMgQOtry1D2-zgP&gir=yes&clen=18403&dur=40.021&lmt=1676808632319953&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=nUGTVvLX8vdgDA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRAIga5Sdb0Z2zNTXp6hkJvLzGPKEE28jkVfZV1SQYvP7wYMCICwJg1aHC7XZ8PZd1LVjXi8JHcdpABF1_PR1Wz0Yg-TF&alr=yes&cpn=-QdGDm0JNl3qBDdk&cver=1.20231024.01.02&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&cmsv=e&mh=Zj&mm=29&mn=sn-4g5edn6y&ms=rdu&mt=1698763513&mv=m&mvi=2&pl=45&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRQIhAIEgWucPT7PxDGHOV09u7gj2l6vNNabGl29rw6iO6r3BAiAc62zkYj_cums-JzML77OulctbX4A1njoFYGxXb9lOSw%3D%3D&range=0-18402&rn=4&rbuf=0&pot=Mm6V7PxLwtgvb5XU7XT0FT8lfbNfBFVgaukv-Xaa7I9_vxAWsrKzXKVz1bRbR5dVThPjeKwB4T-RzN0QHj4atRLQl3VpIE3S83Gyxw7NLTNjpZih1H1xNBY7995D6pLYg84oJlmP9beS26Wlawk6hw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0adced9f977b72f3e34e77eb2967077b696db4e44616de31885cc8aaa0ace625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 19 Feb 2023 12:10:32 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
expires: Tue, 31 Oct 2023 14:51:54 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C5C8 28 B
54 B 38ms
36ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698763914912
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698763913998&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:51:54 GMT

GET
H2 200 0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame C5C8 6 KB
6 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3893a7fa0cf9f0c1a26ac8b58984ff123e0f0e0989a16901c2fc239c352cda56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5783
x-xss-protection: 0
expires: Wed, 01 Nov 2023 14:51:54 GMT

POST
H3 200 videoplayback Show response
rr2---sn-4g5edn6y.googlevideo.com/ Frame C5C8 221 KB
221 KB 26ms
26ms Fetch
application/vnd.yt-ump 2a00:1450:4001:f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5edn6y.googlevideo.com/videoplayback?expire=1698785514&ei=ihRBZdGoEs-Px_AP5ta4qA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-ABErg8hFuhtrTbPdZogZ_8bWqm8tPjWqPNkg9VoFVNfP&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=UWF9f6vhLLOQcK07iBpVN9pw2kXMUGHVylfcylIIBQ&vprv=1&svpuc=1&mime=video%2Fwebm&ns=rF8_JBozZlMgQOtry1D2-zgP&gir=yes&clen=636441&dur=39.999&lmt=1676808640318824&keepalive=yes&fexp=24007246,24350018,24350045&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=nUGTVvLX8vdgDA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAPUUMjroCq3hK050AmPrSX0xsN37ux-yGEeBx8ELyafYAiAY492l--ljbfjzCOPjZPF0rvdB8hdvCbwdBIo3JxYyWQ%3D%3D&alr=yes&cpn=-QdGDm0JNl3qBDdk&cver=1.20231024.01.02&redirect_counter=1&cm2rm=sn-apaapm4g-apae7e&cms_redirect=yes&cmsv=e&mh=Zj&mm=29&mn=sn-4g5edn6y&ms=rdu&mt=1698763513&mv=m&mvi=2&pl=45&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AK1ks_kwRgIhAPa1IG7o-xJ3BtJ0eSbhb7IlQlN9aFTWwSdTGCQGdZwOAiEAghrYvZbgdGw-1P5y7zheOZdSACIKVHWnKaLhM-6fQUw%3D&range=65885-291869&rn=5&rbuf=8302&pot=Mm6V7PxLwtgvb5XU7XT0FT8lfbNfBFVgaukv-Xaa7I9_vxAWsrKzXKVz1bRbR5dVThPjeKwB4T-RzN0QHj4atRLQl3VpIE3S83Gyxw7NLTNjpZih1H1xNBY7995D6pLYg84oJlmP9beS26Wlawk6hw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fb1066a8e7ccabbaf0b307cff3a48820ca84a2a3460d756e0386e320997ae73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 14:51:55 GMT
date: Tue, 31 Oct 2023 14:51:55 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000
last-modified: Sun, 19 Feb 2023 12:10:40 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame C5C8 0
17 B 33ms
32ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=-QdGDm0JNl3qBDdk&ver=2&cmt=0.061&fmt=243&fs=0&rt=0.775&euri=https%3A%2F%2Fticketurf.carrd.co%2F&lact=821&cl=576683619&mos=1&volume=100&cbr=Chrome&cbrver=118.0.5993.117&c=WEB_EMBEDDED_PLAYER&cver=1.20231024.01.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=fr_FR&cr=FR&len=40&fexp=v1%2C23848210%2C135086%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C17227%2C8461%2C9541%2C1089%2C3783%2C2094%2C394%2C3200%2C15645%2C2820%2C6%2C26417823%2C1293%2C2761%2C1253%2C677%2C5181%2C1542%2C6357%2C2289%2C737%2C2040%2C7229%2C859%2C3410%2C5836&rtn=9&afmt=250&size=260%3A146&inview=0&muted=1&docid=XSho6acgbtE&ei=ihRBZdGoEs-Px_AP5ta4qA4&plid=AAYJBEur63nvOTCd&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FXSho6acgbtE%3Fautoplay%3D1%26mute%3D1%26rel%3D0%26loop%3D1%26controls%3D0%26cc_load_policy%3D0%26playlist%3DXSho6acgbtE&list=TLGGkoMxQwxL0vczMTEwMjAyMw&of=yX5RpBYBJLP7Tad9VVBxKA&vm=CAEQABgEOjJBRzZGdTI3YVlySno1SzN0YlRsaGI3MEZ2Q0JHdThkNV9xSklFaFJLTHh6aUlZSG9Kd2J2QVBta0tES3BrTXNHWVBsZGRCU20wRlR6bm9MemhuU25sTC1OWHRrTEV1YTZtb19Oak80Tks0S3VEN1F6N0NuWkJ2NE8xeVdMeEVaVXcyY0hLUmljR3dMTWZPN2VNZE43ZXNxYmtrWkFMT0E0Mk85NzMxOFhVZ2gB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698763914139&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:51:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame C5C8 0
19 B 32ms
32ms XHR
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=XSho6acgbtE&cpn=-QdGDm0JNl3qBDdk&ei=ihRBZdGoEs-Px_AP5ta4qA4&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698763914139&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:51:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C5C8 28 B
54 B 38ms
37ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698763916198
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtVQk00YzB1OTFKTSiJqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698763913998&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 31 Oct 2023 14:51:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:51:56 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ticketurf.onlc.fr/	1970-01-20 15:53:19	Name: PHPSESSID Value: doe3f691s3ki6qpujmqvetlhke
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DEhy8pHWAVI
.youtube.com/	1970-01-20 20:11:55	Name: VISITOR_INFO1_LIVE Value: UBM4c0u91JM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=ba935990d51070c1473f34dccb0914e4&url=https%3A%2F%2Fticketurf.onlc.fr%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1698763913438 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.shorte.st
cdnjs.cloudflare.com
f.eu1.jwwb.nl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
primary.jwwb.nl
rr1---sn-apaapm4g-apae.googlevideo.com
rr2---sn-4g5edn6y.googlevideo.com
ssp.zryydi.com
static.doubleclick.net
static.onlc.eu
ticketurf.carrd.co
ticketurf.onlc.fr
www.google.com
www.tradeadexchange.com
www.youtube.com
yt3.ggpht.com
104.21.20.75
151.101.1.91
151.101.129.91
172.64.147.222
2606:4700:20::681a:56b
2606:4700:20::681a:6a2
2606:4700:20::681a:f9
2606:4700::6811:190e
2a00:1450:4001:800::2004
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:f::7
2a00:ba61:0:126::c
2a06:98c1:3120::3
0adced9f977b72f3e34e77eb2967077b696db4e44616de31885cc8aaa0ace625
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305
202c54801c24c0dcd0a06cf21417fe62332416eb44aaef98dd8d0438f7db04a6
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22da8d88b991a65fbe510fd298a0bbf96e561f2e0bd286aa0af381b5bd8b72ab
2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708
2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c
2e2769814731a347b4da1baebf585d87a3ac7405f5637eb37f6d4afc42db142c
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
3893a7fa0cf9f0c1a26ac8b58984ff123e0f0e0989a16901c2fc239c352cda56
3a237ecf03063b1a3c171bd274687bb4176cc2482a10060cfc0d3bdce63c79aa
3a93cbab2025cad0e835b226fc0b3978a2bcec8856d56c9cbf38dbfdc2913af1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b2b09c529194a3cba6460ceef689e4bc2b34ed5a8be77e9557b130c7d976c74
4ff728822fc51255ff253b4b8555782eaf2e35d9fa2ef9b905ce3f570197f621
56007f2fe5483de1de53bddb480255bcd753e5f189590c71b7cf828d83b919a8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca
63f281b5cd43af5b46678768a3d7d7105e546c3afbdff2a0ec5f09dc9d5b0b8c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cbea78d5474714bd51b0195ee65be709e8cdfad9bd9b4c02f82d065b7eaa9bd
75d34fa358258bf31fc8c74a79dbcfa3bd717d25d12a40d54b2d9ee69cd4d341
76239ac4f24cf0979baa27e7a5a25c712ebc3c7c5934754c19358c2e96afc5c5
7b8001046c325175f624b27a3d893ea35f589c39fdbeaf570f5545ce49ea437a
837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19
863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4
883764eae6d1fe2dec998a90bcf032d0e6db7afba7b6d5766173bd5f6c944e4d
8b3363d445e7dce6e244cbd6d3e80cb576c049e160d27ad3cca81626f8b288f8
9041530bf582d9ce662f425bdf07bad4dfdaadb41830f4ef8e1b46a3b216d69d
960ffb23b887779d6f02c9fd745a8b2cd1ba8bdc15415a55e35d6daca4ada8c3
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aaef72238a71c5bfebcad0d1d17e648eb40b45951ed771c55148770e2f4d88dd
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b242e6c66ae210740511e7719910bff0122d861698221c8a34262ee25ce5b17d
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c647eebd5f54c0b6123aae7f93307f3b8d61efe9da88e462627643dce35a87c7
c6b1baea291fdd592e3277eb5345c0b9d0707eed3370e6029e9796aa7e0b5eca
c8fc5512fa1c89673f7c68811989acaffaec6866937f870ec4543431736ca766
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
cbbb44902daf520de410e183419c28ef4a5e0e74f96466e1cdc2aaa6ae9b010b
ceb7d07de72cf1fb633ad72bcf3198d35fede418648bd1b72dba172096be777e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4402baa4d180b8dd7dd238d5c26f5ea82e2c1280bc55e40150e1de800a71efa
e59d1a8b0ad29ff122aec2f40f5d87cbde1f5817d205d97b8dccf87f50b13e49
ec8e6c921954a15b064e7aa23783df4ffb7ea8fe3a1e1e6e5d2e8be0bbe27ee3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3b60651af82b47cc6876757e16a8af531b0393802e3f8b0f82b745b0ccb7c35
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83d8cd0c14bccf28c8c3f780b50e3879952e7e9eea8af16cbdec8635d82de08
fb1066a8e7ccabbaf0b307cff3a48820ca84a2a3460d756e0386e320997ae73f

ticketurf.onlc.fr Open in urlscan Pro 2606:4700:20::681a:f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

79 %IPv6

15 Domains

19 Subdomains

19 IPs

4 Countries

2109 kBTransfer

5123 kBSize

3 Cookies

5 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ticketurf.onlc.fr Open in urlscan Pro
2606:4700:20::681a:f9 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

79 %
IPv6

15
Domains

19
Subdomains

19
IPs

4
Countries

2109 kB
Transfer

5123 kB
Size

3
Cookies

67 HTTP transactions
1 data transactions