bloxcrafts.com Open in urlscan Pro
104.21.25.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://minebloxcraft.com/v/2qxW27abDuw
Effective URL:
https://bloxcrafts.com/v/2qxW27abDuw
Submission: On March 23 via api (March 23rd 2023, 8:57:03 pm UTC) from FI — Scanned from NL

Summary HTTP 49 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 49 HTTP transactions. The main IP is 104.21.25.122, located in and belongs to CLOUDFLARENET, US. The main domain is bloxcrafts.com.
TLS certificate: Issued by E1 on March 21st 2023. Valid for: 3 months.

This is the only time bloxcrafts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:bb07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.134.56 172.67.134.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.21.25.122 104.21.25.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:f3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:239... 2600:9000:2396:f600:18:319b:c100:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.107.19 172.64.107.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.158.16 52.222.158.16	16509 (AMAZON-02) (AMAZON-02)
2	104.21.41.152 104.21.41.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
49	23

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

minebloxcraft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:bb07 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

minebloxcrafts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.56 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bloxcrafts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.21.25.122 (None, )

ASN13335 (CLOUDFLARENET, US)

bloxcrafts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f3e (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2396:f600:18:319b:c100:21 (United States)

ASN16509 (AMAZON-02, US)

d3tjml0i5ek35w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.107.19 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.158.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-16.cdg52.r.cloudfront.net

opeanresultanc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.41.152 (None, )

ASN13335 (CLOUDFLARENET, US)

narepuewrwq.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	youtube.com 1 redirects youtube.com — Cisco Umbrella Rank: 51 www.youtube.com — Cisco Umbrella Rank: 77	866 KB
8	bloxcrafts.com 1 redirects bloxcrafts.com	270 KB
7	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	18 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 216	33 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	92 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	googleusercontent.com yt3.googleusercontent.com — Cisco Umbrella Rank: 1216	92 KB
2	narepuewrwq.info narepuewrwq.info	795 B
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 29373	101 KB
2	cloudfront.net d3tjml0i5ek35w.cloudfront.net	54 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	40 KB
1	googlevideo.com redirector.googlevideo.com — Cisco Umbrella Rank: 859	926 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109
1	opeanresultanc.com opeanresultanc.com	538 B
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 5734	163 KB
1	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 15454	649 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	minebloxcrafts.com 1 redirects minebloxcrafts.com	460 B
1	minebloxcraft.com 1 redirects minebloxcraft.com	467 B
49	20

	Domain	Requested by
10	www.youtube.com	bloxcrafts.com www.youtube.com
8	bloxcrafts.com	1 redirects bloxcrafts.com
6	accounts.google.com	4 redirects bloxcrafts.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	yt3.googleusercontent.com
2	narepuewrwq.info	bloxcrafts.com
2	pogothere.xyz	d3tjml0i5ek35w.cloudfront.net
2	d3tjml0i5ek35w.cloudfront.net	bloxcrafts.com d3tjml0i5ek35w.cloudfront.net
2	fonts.googleapis.com	bloxcrafts.com
1	www.google.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	redirector.googlevideo.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	youtube.com	1 redirects
1	www.facebook.com	bloxcrafts.com
1	opeanresultanc.com	d3tjml0i5ek35w.cloudfront.net
1	js.hsforms.net	bloxcrafts.com
1	fonts.cdnfonts.com	bloxcrafts.com
1	cdnjs.cloudflare.com	bloxcrafts.com
1	minebloxcrafts.com	1 redirects
1	minebloxcraft.com	1 redirects
49	25

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
rekonise.com
youtu.be
www.roblox.com
minebloxcraft.com

Subject Issuer	Validity	Valid
*.bloxcrafts.com E1	`2023-03-21` - `2023-06-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.cdnfonts.com GTS CA 1P5	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
opeanresultanc.com Amazon RSA 2048 M02	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.narepuewrwq.info GTS CA 1P5	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bloxcrafts.com/v/2qxW27abDuw
Frame ID: 1184ACB6172181FC5432730CF4EF3A1A
Requests: 26 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2qxW27abDuw
Frame ID: A23CA0B8BB6D5DE81D70E2B370249FFF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Minebloxcraft

Page URL History Show full URLs

https://minebloxcraft.com/v/2qxW27abDuw HTTP 302
https://minebloxcrafts.com/v/2qxW27abDuw HTTP 302
http://bloxcrafts.com/v/2qxW27abDuw HTTP 301
https://bloxcrafts.com/v/2qxW27abDuw Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

49
Requests

94 %
HTTPS

81 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

1733 kB
Transfer

7119 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCZszOP3lIgh6wmB6Ovp-b_A
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://rekonise.com/fishing-simulator-script-l91ha
Title: https://rekonise.com/fishing-simulator-script-l91ha

Search URL Search Domain Scan URL

URL: https://youtu.be/h0xzq439_AE
Title: https://youtu.be/h0xzq439_AE

Search URL Search Domain Scan URL

URL: https://youtu.be/HkpqlQ9GHq8
Title: https://youtu.be/HkpqlQ9GHq8

Search URL Search Domain Scan URL

URL: https://www.roblox.com/games/2866967438/Day-5-Fishing-Simulator
Title: https://www.roblox.com/games/2866967438/Day-5-Fishing-Simulator

Search URL Search Domain Scan URL

URL: https://youtu.be/bSdTj0oDTWw
Title: https://youtu.be/bSdTj0oDTWw

Search URL Search Domain Scan URL

URL: https://minebloxcraft.com/
Title: https://minebloxcraft.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://minebloxcraft.com/v/2qxW27abDuw HTTP 302
https://minebloxcrafts.com/v/2qxW27abDuw HTTP 302
http://bloxcrafts.com/v/2qxW27abDuw HTTP 301
https://bloxcrafts.com/v/2qxW27abDuw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHcpmC1oUkdVuZ7Ck2euB-JkSaq84tgcreJxNos7cWfrAsdgs-4JMBk-y0oDTK0b-wMUCoU5 HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S2080639804%3A1679605017264652&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q81wqkk_til18mO3lCZa15-uZNN_ZumNQWPvbPQGG-GMzShy892CwvbkrBEZFy0s61XJ7Vcw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 15

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SNh8wBAo0tc-Nm16ILIBdQvI5YMGJJ8RS7LQVgzH7cjojnsaBu2u4pMM3qXNIeVi1L3Gf4 HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-535988045%3A1679605017309973&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RIQnlqHd5PbaQHevqtCDXPi6bgW8soYKf-bMFBs4Yz-wbEaRkjkw8f_z7CfBpSG4krsCtd5A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 22

https://youtube.com/embed/2qxW27abDuw HTTP 301
https://www.youtube.com/embed/2qxW27abDuw

Request Chain 32

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 2qxW27abDuw Show response
bloxcrafts.com/v/
Redirect Chain

https://minebloxcraft.com/v/2qxW27abDuw
https://minebloxcrafts.com/v/2qxW27abDuw
http://bloxcrafts.com/v/2qxW27abDuw
https://bloxcrafts.com/v/2qxW27abDuw

1 KB
1 KB

279ms
220ms

Document
text/html

104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69564e6bb3204c6f9ecc829c9d5831ca5fcabea510d2e55a77f475746c1b446

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, content-type
access-control-allow-methods: GET, POST
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ac99572edec0eb0-AMS
content-encoding: br
content-type: text/html
date: Thu, 23 Mar 2023 20:56:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWeUZ3PIFzWNZVxhM5zNP7MIDYJ1aDcqNnegaza6zli%2Fzt0VYXPRhTWGQM%2BZ2Fn%2F1VDOx4EUzDvi10hdg8cLngICQkSvulSeMlZ0KAMdEk%2BlVB%2BRF4d1NmtYTqwTf9TSpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 7ac995725a0eb776-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 23 Mar 2023 20:56:55 GMT
Expires: Thu, 23 Mar 2023 21:56:55 GMT
Location: https://bloxcrafts.com/v/2qxW27abDuw
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOcG4c2pVoNO%2BOupOB5onzio8Q1HRcD9B05KWx6wGC3DaNJTeNsTtgE%2FA4v3KhBYroCXpaSAbhiQ%2Bs83JHCTt2ALN0mHHvj2v4IdBCys8NJdoSZlFjnj%2BiFdb0HNreaMAA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 89ms
34ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 588789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLoIvzXiiajV54qBcr78OcBVfDaV5K1eeFQqP4IlO%2BNMyMkPP4Md%2FoY%2FnY9%2BaoCR0QYmVaRRX7JW2idjB1P0qlgUg1Vbl4YisBk5ibLDTNje7HFPWuSQcasVCNoM3%2B34qmJfyRlGLfbYeK1rgmFdgcIk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ac99574ac59b89a-AMS
expires: Tue, 12 Mar 2024 20:56:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 148ms
70ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap

Requested by

Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

202847ca5012b087ceaf261a68e42f7638e01e2cd1cccb915d434cd8c228056d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 20:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 20:54:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 20:56:55 GMT

GET
H2 200 minecraft-4
fonts.cdnfonts.com/css/ 169 B
649 B 103ms
37ms Stylesheet
text/css 2606:4700:20::681a:f3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/minecraft-4
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1af0f0a4830eea6783c00aa425504cc694842ec9406c57748c28480ff4afc645

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:55 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 26 Oct 2022 05:50:03 GMT
server: cloudflare
age: 12841612
cf-polished: origSize=204
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBZJOpk2vTUWVO%2FuJzOaHaQStTe5hQzGXbpJMDkZ%2F5FaTx%2BNZA8VnEDE%2BoQaBfHd0oOB3eKP9Gbj0aWoj8I3lhvSVsjFxwzWYwL%2F%2FUtfB4a0Oa7xmAlaM7EbvCEU7EDYPcXtxcjELZh7vv4Wb0%2BPIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7ac99574cbd30b07-AMS

GET
H2 200 / Show response
d3tjml0i5ek35w.cloudfront.net/ 161 KB
53 KB 980ms
540ms Script
text/plain 2600:9000:2396:f600:18:319b:c100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tjml0i5ek35w.cloudfront.net/?lmjtd=972452
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:f600:18:319b:c100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d332b3d4fce6f19a6289ce4f7215309dfa2b98aaf1b71148448495e14b286354

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 20:56:56 GMT
content-encoding: gzip
via: 1.1 0cd7eb065076cb5987d9348a09f72496.cloudfront.net (CloudFront)
x-amz-cf-pop: MCT50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53841
x-amz-cf-id: f2RaG1tju8fwDfkz5_ZFlCBsLJxAYx8KZRWysYNRlX1aaQ-YpASyTA==

GET
H2 404 ksdjgfks.js
bloxcrafts.com/v/ 0
0 214ms
212ms Script
text/html 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/v/ksdjgfks.js
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:55 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6HRa%2BvrbAzt5WfzNbT5ySMdeWDw%2Bp5Uy%2BjvBM0KAzhasaVOsonMjnqRqgIRShK7cmYHdQDM6EPVPuvq81XjTzwCnN4%2FSvazjO1YRSdmLtkx1DYLu4WmrzdcCjy47NwJNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 7ac9957458490eb0-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 519 KB
163 KB 112ms
46ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cf36478d6948fe47ca29577bfa6b8c7aff1794674cde4da0fea6c5c79a2416d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:55 GMT
x-amz-version-id: BcUKT19jvqha_mCJECQcCiOx8gVJnm0b
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 47
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2916/bundles/project-v2.js&cfRay=7ac9944c6fcf0be3-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 02:39:35 UTC
server: cloudflare
etag: W/"c3874180dd1cb2b9fa1505de5d7b5e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KB1jHwe3UWLsuUbnQDy2eAxZoDi0w136GX9kHyj19UMcEWspFVWD1tUkDrh4Y9u8DAcedxqgZe%2FoKVs6agG%2FyJ2eh4IwxOX5qHq0kKaxVizKld6i0NMCeDR37wvaiLIDa7sqJBWajrm6cb5M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7ac99574ca571c93-AMS
x-amz-cf-id: fSYc_aRDM8QiU7ehOD2LXgqObUKah9t4FxWfaqn5UOp4ZinWUp2gYQ==
x-hs-target-asset: forms-embed/static-1.2916/bundles/project-v2.js

GET
H2 200 regsw.js Show response
bloxcrafts.com/ 282 B
491 B 34ms
33ms Script
application/javascript 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/regsw.js
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f52b25daed630fb6129a1356b9ff7a9c4ccb70441209fca3ab8dfb0930fcf8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1657
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 20:29:18 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e63NZI9HqrEct%2B9PUdOz%2FTT9qPVLUE14BQZQzXwyZ2iYbzhnvHi2cqDeOlLkdOLxVvg0ME3zdjrPIycuigKIBANaPE9R0cTBY6bwaitp9NseqxaRI65JtmhsdJe0a1pVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ac99574584c0eb0-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 main.e92e2985.js Show response
bloxcrafts.com/static/js/ 177 KB
58 KB 479ms
479ms Script
application/javascript 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/static/js/main.e92e2985.js
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b52ad76467efbb416531dcff67f002e0b48349698362251f002f6ada6776ef41

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 20:56:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU3bmQJVsA5r6Vt%2BnqxIBvKsmNfdvpLQzpSAdsXgYIrPJc1azZjD6bOdbAq571GAYx2CFAhXTRjfsy%2FpubiHyF6udw275o9F0YeubHzKJF6jxi8CIW3kUTrDfHZ0nrxKug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ac99577aed4b767-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.1acdce63.css
bloxcrafts.com/static/css/ 101 KB
68 KB 494ms
493ms Stylesheet
text/css 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/static/css/main.1acdce63.css
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf83925d0e07d3bf0834b333e397cc417bade98da2c15b4881fe37ec9a54cb4c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 23 Mar 2023 17:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmLdwZMX2TpM7YRmr1rMJY%2FVd33Yoi3qKfbCGWi91KD2%2B8dGwvt4uvVxSPEn8kdwnhCGHfythDTUJFpEeRbPw18vIlE64RaIxVYEicp9OeWMthVjvXgN0sRuIijLL4ZpCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ac9957458460eb0-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 100ms
36ms Fetch
binary/octet-stream 172.64.107.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d3tjml0i5ek35w.cloudfront.net
URL: https://d3tjml0i5ek35w.cloudfront.net/?lmjtd=972452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Mar 2023 19:27:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://bloxcrafts.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5K7hEFWZoxNhWNKCVPtRXuLYj7Ow4zc6Wibb6nesgQh0aswdr4csSa8WS4OrRqm3tRdWl0jn4c0OHhjFH2%2F88B7wYCtBQ18WmFY%2F2OT%2FHxkOyGZ1unmbgPcQujts2ib"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ac9957c5c460ea4-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 25 B
367 B 193ms
130ms Fetch
text/plain 172.64.107.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d3tjml0i5ek35w.cloudfront.net
URL: https://d3tjml0i5ek35w.cloudfront.net/?lmjtd=972452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.107.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541f3c61df7ceafd79381ddbbfbf6d56a4c04e22a5fbb5845628206cd6f18b0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxVYrkMrjEDS6Eaqvec2DAo%2FvSCnA1kgYk3odieLhRKs7PapQ2DpphH%2BlMNz4nsMUPGf0L92OABrHncP%2BA6y42Vl3Mdw%2BFuJ6sIOsUHMDDUq3RTVEofLkfbbj92NxZUF"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://bloxcrafts.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7ac9957c5c470ea4-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
opeanresultanc.com/ 0
538 B 195ms
118ms XHR
text/plain 52.222.158.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://opeanresultanc.com/utx?cb=eC6Kzd4lNjtj&top=bloxcrafts.com&tid=972452
Requested by: Host: d3tjml0i5ek35w.cloudfront.net
URL: https://d3tjml0i5ek35w.cloudfront.net/?lmjtd=972452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-16.cdg52.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 20:56:57 GMT
via: 1.1 8b20ff9a1799265d378bf510ac3db6de.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: CDG52-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://bloxcrafts.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: XjzUKlLHGEfH9baJrcp8j9rt_AuQBP0DXArxdSG4i_Bqju2Xlsssfg==

GET
H2 204 R1BSWUZobzEqeyY7CAkTExIIOh4rIBEfc3Q1BQwDEBgYbBwWCXQtLyNta250c2VgfzYuNG9oYDQkMy0zNG1jfy8pNj1kYDFtY3d1c35ha2h1didkd2EkIjghemF0KTIzPG9ocHBpZGlzd2FkYHJ3
narepuewrwq.info/ 0
251 B 187ms
121ms Image
text/plain 104.21.41.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://narepuewrwq.info/R1BSWUZobzEqeyY7CAkTExIIOh4rIBEfc3Q1BQwDEBgYbBwWCXQtLyNta250c2VgfzYuNG9oYDQkMy0zNG1jfy8pNj1kYDFtY3d1c35ha2h1didkd2EkIjghemF0KTIzPG9ocHBpZGlzd2FkYHJ3
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.41.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxHIwtil1rnoMdmX6%2FxfYpcL5w3A7lJU72Rlg%2FopDrDhwkE5OaHaOTw5ZkYY4lJQuuo9VRD4gQhkRyKRVhcC4YFVxzoHW7QjCzAXYA7T7speX75q8wseAM8MYSYwTBU5DMfX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7ac9957c6f0c0e58-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 314ms
248ms Image
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AWnogHcpmC1oUkdVuZ7Ck2euB-JkSaq84tgcreJxNos7cWfrAsdgs-4JMBk-y0o...
https://accounts.google.com/v3/signin/identifier?dsh=S2080639804%3A1679605017264652&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q81wqkk_til18mO3lCZa15-uZNN_ZumNQWPvbPQGG-GM...

0
0

83ms
82ms

Image
text/html

2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S2080639804%3A1679605017264652&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q81wqkk_til18mO3lCZa15-uZNN_ZumNQWPvbPQGG-GMzShy892CwvbkrBEZFy0s61XJ7Vcw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Server: 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date: Thu, 23 Mar 2023 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce--p2dJ_ce0WhJCIW0HdbCQQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S2080639804%3A1679605017264652&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q81wqkk_til18mO3lCZa15-uZNN_ZumNQWPvbPQGG-GMzShy892CwvbkrBEZFy0s61XJ7Vcw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7SNh8wBAo0tc-Nm16ILIBdQvI5YMGJJ8RS7LQVgzH7cjojnsaBu2u4...
https://accounts.google.com/v3/signin/identifier?dsh=S-535988045%3A1679605017309973&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RIQnlqHd5PbaQHevqtCDXPi6bgW8soYKf-bMFBs4Yz-...

0
0

84ms
84ms

Image
text/html

2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-535988045%3A1679605017309973&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RIQnlqHd5PbaQHevqtCDXPi6bgW8soYKf-bMFBs4Yz-wbEaRkjkw8f_z7CfBpSG4krsCtd5A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H3
Server: 2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date: Thu, 23 Mar 2023 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-VlqHT9z74W9q-ZBqMe4aWg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-535988045%3A1679605017309973&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RIQnlqHd5PbaQHevqtCDXPi6bgW8soYKf-bMFBs4Yz-wbEaRkjkw8f_z7CfBpSG4krsCtd5A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
narepuewrwq.info/ 35 B
544 B 69ms
32ms Image
image/gif 104.21.41.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://narepuewrwq.info/popunder.gif
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/v/2qxW27abDuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.41.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: public
date: Thu, 23 Mar 2023 20:56:57 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 20:26:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1838
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSW121wIyWvVPQEPLHyS%2BYZ52hfQN9fyjg0djtdiT7kZribYoNTVsgiimr821OuegedFD4%2BwD17EJN77XDMguKAH6hfHI7JweTdmg4TJEHZFI7wq1Ic4m4guQKEZ0vrKps9z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7ac9957c6f0d0e58-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
956 B 71ms
69ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Requested by

Host: bloxcrafts.com
URL: https://bloxcrafts.com/static/css/main.1acdce63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

659f641de81ca703114fd6675032bfab0410f47b3423d055e020d567b9708759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 20:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 20:04:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 20:56:56 GMT

GET
H2 200 Sb2VkZVUMCgoDahsMAFhsWFdQUGdJDxcKOx9YLwg5JQYhHA8uAAAPOkkRHgFoX0MIBDsIWEIAOwxYVUM0CwdZVXMbFQsOaB0BBQ8wBBwLFSxJEAVYOAAfDQk5DkBWI2BBVUFXZUcSDQsxABIXQGdfCxBAZ19UVEtlSlYmQGdfEg0LY1tAVydwXVUcU2FGQF-ZVNB8... Show response
d3tjml0i5ek35w.cloudfront.net/ 801 B
857 B 675ms
675ms Script
text/plain 2600:9000:2396:f600:18:319b:c100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3tjml0i5ek35w.cloudfront.net/Sb2VkZVUMCgoDahsMAFhsWFdQUGdJDxcKOx9YLwg5JQYhHA8uAAAPOkkRHgFoX0MIBDsIWEIAOwxYVUM0CwdZVXMbFQsOaB0BBQ8wBBwLFSxJEAVYOAAfDQk5DkBWI2BBVUFXZUcSDQsxABIXQGdfCxBAZ19UVEtlSlYmQGdfEg0LY1tAVydwXVUcU2FGQF-ZVNB8VCAAiCgcPDCFKVyJQZlhLV1NwXVVMDj0bCAhAZyxAVlU5Bg4BQGdfAgEGPgBMQVdlDA0WCjgKQFYjZF5USlV7WlBSVnteVFRAZ18WBQM0HQxBVxNaVlNLZllDEVhk
Requested by: Host: d3tjml0i5ek35w.cloudfront.net
URL: https://d3tjml0i5ek35w.cloudfront.net/?lmjtd=972452
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2396:f600:18:319b:c100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8155a0d46e37f602d07798f3b1871978bd99dc635c98541df31312722b3e2a96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
content-encoding: gzip
via: 1.1 0cd7eb065076cb5987d9348a09f72496.cloudfront.net (CloudFront)
x-amz-cf-pop: MCT50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 581
x-amz-cf-id: 3qt5fdxnxbBV43yW9nTe6i96R8O6erE3RSIsn9RvKJpekcl7qznerA==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 134ms
58ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bloxcrafts.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 217158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H3 200 data.json Show response
bloxcrafts.com/ 1 MB
71 KB 220ms
219ms Fetch
application/json 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/data.json?tid=934606
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/static/js/main.e92e2985.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23332b0aae9d6c0f59040c16eb5ae865798ed0fa7c6a13f263cb2fccd0ff811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPjEE80p2bwI0UPIP8p5%2B67Epph6YMSljdMLAIoxGbaPj64VRzUBZsGlbtVLwiz1UWQkqAyVPIr%2FNi5uwJCfu1hebiF2daBTi1z1UmenqfSPPIxlEhiDajvE%2FqJ2GpOZvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7ac9957ccb8eb767-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 data.json Show response
bloxcrafts.com/ 1 MB
71 KB 219ms
218ms Fetch
application/json 104.21.25.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bloxcrafts.com/data.json?tid=934606
Requested by: Host: bloxcrafts.com
URL: https://bloxcrafts.com/static/js/main.e92e2985.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.25.122 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23332b0aae9d6c0f59040c16eb5ae865798ed0fa7c6a13f263cb2fccd0ff811

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/v/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOM9FniMFKFDRRYAKD%2BEuKRjye%2FB8OKiyvPgRLRcvFd%2FjkxnuGZ6V4mOoOKpPDkLfDBBao%2FnMumiMI%2F%2FsyuVD2yEpvVNNGVBtTQZqncaiKm7u%2FiSfqpKk3rwv4xUrIQikw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7ac9957ccb8fb767-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

2qxW27abDuw Show response
www.youtube.com/embed/ Frame A23C
Redirect Chain

https://youtube.com/embed/2qxW27abDuw
https://www.youtube.com/embed/2qxW27abDuw

73 KB
31 KB

270ms
141ms

Document
text/html

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2qxW27abDuw

Requested by

Host: bloxcrafts.com
URL: https://bloxcrafts.com/static/js/main.e92e2985.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7e2902689e02654b5700eccf49b4d8db28358f9513e0306bf3293ca5abdb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloxcrafts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:56:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=31536000
content-length: 0
content-type: application/binary
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 20:56:58 GMT
expires: Thu, 23 Mar 2023 20:56:58 GMT
location: https://www.youtube.com/embed/2qxW27abDuw
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cca92f26e5112e394cd022b7e60fec5f50f40c5b79e9a5bb3130684b8c95d9e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Yi6wNh8fhbLbyVVO4OfQTf9hVMUIEGsxHslyhjYMBDhkAJHplSK8NGnxk_MeqwOJYKm3x_trXDI=s176-c-k-c0x00ffffff-no-rj
yt3.googleusercontent.com/ 6 KB
6 KB 149ms
60ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.googleusercontent.com/Yi6wNh8fhbLbyVVO4OfQTf9hVMUIEGsxHslyhjYMBDhkAJHplSK8NGnxk_MeqwOJYKm3x_trXDI=s176-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4403f7cf4a591ec20a631adf81dca8b7ea1c38153de6e4ae0069176828037b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:23:04 GMT
x-content-type-options: nosniff
age: 2034
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5844
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:22:29 GMT

GET
H2 200 ivUcgipsp1AnMzetRt5_UIRbYM2z0xAccFL6hLL_BJNC-BdZAVOY5F6Xl5v5bKsNowUxuD3h=w1060-fcrop64=1
yt3.googleusercontent.com/ 86 KB
86 KB 152ms
64ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.googleusercontent.com/ivUcgipsp1AnMzetRt5_UIRbYM2z0xAccFL6hLL_BJNC-BdZAVOY5F6Xl5v5bKsNowUxuD3h=w1060-fcrop64=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f271bcf055ac21d0856b89a2deff33102eb1f9e8c15dd306423c1a70105cd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bloxcrafts.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:23:04 GMT
x-content-type-options: nosniff
age: 2034
content-disposition: inline;filename="channels4_banner.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87754
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:22:54 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/ace4d669/ Frame A23C 399 KB
51 KB 60ms
59ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51763
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:00:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A23C 15 KB
15 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 217160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A23C 15 KB
15 KB 68ms
68ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 217160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ace4d669/www-embed-player.vflset/ Frame A23C 347 KB
108 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:45:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110254
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 20:45:07 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/ Frame A23C 2 MB
612 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c68d7c2e89bff804eb1afac106a7c37d48af265f4e33a5e1e43052c5971eb35b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 626567
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:13:50 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/ Frame A23C 9 KB
3 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:11:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 20:11:11 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A23C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

66ms
65ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4a7c1873094391ab1c945adef905ad9f56a0735ccbdb41abcf28884fa28c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Mar 2023 20:56:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A23C 29 B
495 B 182ms
58ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:50:11 GMT
x-content-type-options: nosniff
age: 407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 21:05:11 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 196ms
68ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Mar 2023 20:56:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 initplayback Show response
redirector.googlevideo.com/ Frame A23C 490 B
926 B 211ms
67ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=2a00%3A1630%3A2%3A1c03%3A0%3A0%3A0%3A4&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzNjQ1Ng&rxtags=Cg4KAnR4EggyNDQzNjQ1NQ%2CCg4KAnR4EggyNDQzNjQ1Ng%2CCg4KAnR4EggyNDQzNjQ1Nw%2CCg4KAnR4EggyNDQzNjQ1OA&alr=yes&id=49415

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ClientMapServer /

Resource Hash

a13df14a9c0bf0c7957addde927682765bfb2a4482f15c7f70974d5751cbf7d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 306
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A23C 66 KB
31 KB 81ms
80ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab24f437de46d2e5cdd44bd6939eb1f5b6cc480d72e5fe5023e7de3383ab0fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Mar 2023 20:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31094
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/ Frame A23C 116 KB
36 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f7805c091f07b0a85bd7b22835845df07c9943c51f33c0abfd5af23539d2463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36460
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:13:50 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/2qxW27abDuw/ Frame A23C 39 KB
40 KB 241ms
116ms Image
image/webp 2a00:1450:4001:80b::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/2qxW27abDuw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ccb60b24f9c3753ff0f01ae4488e754b22e68ad7f22ea090cfbce7833e74f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40142
x-xss-protection: 0
server: sffe
etag: "1671433656"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Mar 2023 22:56:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/ Frame A23C 27 KB
9 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c49accd829294d619df6bcc541c216bc51810da465a0714fd203656f48a0698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8693
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:13:50 GMT

GET
DATA 200
OK truncated
/ Frame A23C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Yi6wNh8fhbLbyVVO4OfQTf9hVMUIEGsxHslyhjYMBDhkAJHplSK8NGnxk_MeqwOJYKm3x_trXDI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A23C 2 KB
2 KB 183ms
58ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Yi6wNh8fhbLbyVVO4OfQTf9hVMUIEGsxHslyhjYMBDhkAJHplSK8NGnxk_MeqwOJYKm3x_trXDI=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/2qxW27abDuw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9503f2bdfd0ad03e1d815b1b221ee6fd42b150d82182801dd8b0103617b7da54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:37:30 GMT
x-content-type-options: nosniff
age: 4768
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1759
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 23 Mar 2023 18:14:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A23C 4 KB
2 KB 150ms
76ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 20:56:59 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame A23C 50 KB
15 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 24 Mar 2023 10:21:14 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A23C 90 B
134 B 71ms
71ms XHR
application/json+protobuf 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ce5c9f3500ba8d2e7f640540979880ba8871927999ee55ef48f27a01c5460d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 23 Mar 2023 20:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 68ms
67ms Preflight
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 23 Mar 2023 20:56:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 get Show response
www.youtube.com/youtubei/v1/att/ Frame A23C 22 KB
16 KB 88ms
86ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

e932140b7667d39e3abd383cfeb0ffe1a32e11f8486f7c39b73fe76b6f24573e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/2qxW27abDuw
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230321.00.00
X-Goog-Visitor-Id: CgtwaHBrZVp3eUViOCia-vKgBg%3D%3D

Response headers

date: Thu, 23 Mar 2023 20:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16352
x-xss-protection: 0
expires: Thu, 23 Mar 2023 20:56:59 GMT

GET
H2 200 O-AKP-tSDh3fyUooxhKH3SjZl1z40CGI4bY0NG2JmmE.js Show response
www.google.com/js/th/ Frame A23C 36 KB
14 KB 113ms
32ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/O-AKP-tSDh3fyUooxhKH3SjZl1z40CGI4bY0NG2JmmE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be00a3feb520e1ddfc94a28c61287dd28d9975cf8d02188e1b634346d899a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 05:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 05:05:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A23C 0
10 B 60ms
59ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Zgnctg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/2qxW27abDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 20:57:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A23C 28 B
54 B 74ms
74ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
X-Goog-Request-Time: 1679605021213
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/2qxW27abDuw
X-YouTube-Client-Version: 1.20230321.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtwaHBrZVp3eUViOCia-vKgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679605018566&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C600%2C400&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 23 Mar 2023 20:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 23 Mar 2023 20:57:01 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pogothere.xyz/	1970-01-20 19:11:49	Name: csu Value: 39769928973938@1@1679605017
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: bD4k0_6dpIc
.youtube.com/	1970-01-20 14:52:37	Name: VISITOR_INFO1_LIVE Value: phpkeZwyEb8

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bloxcrafts.com/v/ksdjgfks.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S2080639804%3A1679605017264652&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q81wqkk_til18mO3lCZa15-uZNN_ZumNQWPvbPQGG-GMzShy892CwvbkrBEZFy0s61XJ7Vcw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-535988045%3A1679605017309973&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RIQnlqHd5PbaQHevqtCDXPi6bgW8soYKf-bMFBs4Yz-wbEaRkjkw8f_z7CfBpSG4krsCtd5A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
bloxcrafts.com
cdnjs.cloudflare.com
d3tjml0i5ek35w.cloudfront.net
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.hsforms.net
minebloxcraft.com
minebloxcrafts.com
narepuewrwq.info
opeanresultanc.com
pogothere.xyz
redirector.googlevideo.com
static.doubleclick.net
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
youtube.com
yt3.ggpht.com
yt3.googleusercontent.com
104.21.25.122
104.21.41.152
172.64.107.19
172.67.134.56
2600:9000:2396:f600:18:319b:c100:21
2606:4700:20::681a:f3e
2606:4700:3031::ac43:bb07
2606:4700::6811:190e
2606:4700::6811:b949
2a00:1450:4001:801::200e
2a00:1450:4001:806::2001
2a00:1450:4001:806::2006
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2016
2a00:1450:4001:80e::200d
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::200a
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
52.222.158.16
0cf36478d6948fe47ca29577bfa6b8c7aff1794674cde4da0fea6c5c79a2416d
1af0f0a4830eea6783c00aa425504cc694842ec9406c57748c28480ff4afc645
1f52b25daed630fb6129a1356b9ff7a9c4ccb70441209fca3ab8dfb0930fcf8a
1f7805c091f07b0a85bd7b22835845df07c9943c51f33c0abfd5af23539d2463
202847ca5012b087ceaf261a68e42f7638e01e2cd1cccb915d434cd8c228056d
3be00a3feb520e1ddfc94a28c61287dd28d9975cf8d02188e1b634346d899a61
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4403f7cf4a591ec20a631adf81dca8b7ea1c38153de6e4ae0069176828037b3b
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
541f3c61df7ceafd79381ddbbfbf6d56a4c04e22a5fbb5845628206cd6f18b0e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
63ccb60b24f9c3753ff0f01ae4488e754b22e68ad7f22ea090cfbce7833e74f9
659f641de81ca703114fd6675032bfab0410f47b3423d055e020d567b9708759
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174
7c49accd829294d619df6bcc541c216bc51810da465a0714fd203656f48a0698
8155a0d46e37f602d07798f3b1871978bd99dc635c98541df31312722b3e2a96
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9503f2bdfd0ad03e1d815b1b221ee6fd42b150d82182801dd8b0103617b7da54
9f271bcf055ac21d0856b89a2deff33102eb1f9e8c15dd306423c1a70105cd71
a13df14a9c0bf0c7957addde927682765bfb2a4482f15c7f70974d5751cbf7d3
ab24f437de46d2e5cdd44bd6939eb1f5b6cc480d72e5fe5023e7de3383ab0fd6
b52ad76467efbb416531dcff67f002e0b48349698362251f002f6ada6776ef41
bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb
bf83925d0e07d3bf0834b333e397cc417bade98da2c15b4881fe37ec9a54cb4c
c68d7c2e89bff804eb1afac106a7c37d48af265f4e33a5e1e43052c5971eb35b
cca92f26e5112e394cd022b7e60fec5f50f40c5b79e9a5bb3130684b8c95d9e5
ce5c9f3500ba8d2e7f640540979880ba8871927999ee55ef48f27a01c5460d3a
cf7e2902689e02654b5700eccf49b4d8db28358f9513e0306bf3293ca5abdb43
d23332b0aae9d6c0f59040c16eb5ae865798ed0fa7c6a13f263cb2fccd0ff811
d332b3d4fce6f19a6289ce4f7215309dfa2b98aaf1b71148448495e14b286354
d69564e6bb3204c6f9ecc829c9d5831ca5fcabea510d2e55a77f475746c1b446
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e932140b7667d39e3abd383cfeb0ffe1a32e11f8486f7c39b73fe76b6f24573e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4a7c1873094391ab1c945adef905ad9f56a0735ccbdb41abcf28884fa28c76
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

bloxcrafts.com Open in urlscan Pro 104.21.25.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

81 %IPv6

20 Domains

25 Subdomains

23 IPs

3 Countries

1733 kBTransfer

7119 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

bloxcrafts.com Open in urlscan Pro
104.21.25.122 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

81 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

1733 kB
Transfer

7119 kB
Size

3
Cookies

49 HTTP transactions
2 data transactions