urlscan.io logo urlscan.io
SecurityTrails logo

rfreward.com Open in urlscan Pro
2a02:4780:8:1313:0:3241:befe:2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rfreward.com/
Effective URL: https://rfreward.com/
Submission: On February 19 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2a02:4780:8:1313:0:3241:befe:2, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is rfreward.com.
TLS certificate: Issued by R3 on January 12th 2024. Valid for: 3 months.
This is the only time rfreward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2a02:4780:8:1313:0:3241:befe:2 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)
rfreward.com
8    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
13 rfreward.com
rfreward.com
93 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1010 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 230
41 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
48 KB
4 w.org
s.w.org — Cisco Umbrella Rank: 3684
3 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 271
1 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 218
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
23 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
20 KB
38 9
Domain Requested by
13 rfreward.com 1 redirects rfreward.com
8 www.youtube.com rfreward.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 s.w.org rfreward.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
38 11

This site contains links to these domains. Also see Links.

Domain
discord.gg
www.facebook.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
rfreward.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://rfreward.com/
Frame ID: 56C4FBDEB2A886B3E431656C77CBDCBE
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Frame ID: F2C13E081B28C0B6E688206C73932CFB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Reward – Rising Force Online

Page URL History Show full URLs

  1. http://rfreward.com/ HTTP 301
    https://rfreward.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

38
Requests

95 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1241 kB
Transfer

3895 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rfreward.com/ HTTP 301
    https://rfreward.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rfreward.com/
Redirect Chain
  • http://rfreward.com/
  • https://rfreward.com/
62 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
1ca0caea0872d660e44f19a9a8973530f34cb97f50bda93a572ffab0d7dee43e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
16958
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 19:00:35 GMT
etag
"743-1708364575;br"
link
<https://rfreward.com/index.php/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/7.2.34

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Mon, 19 Feb 2024 19:00:35 GMT
location
https://rfreward.com/
platform
hostinger
server
LiteSpeed
animate.min.css
rfreward.com/wp-content/plugins/countdown-block/assets/css/ 		69 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/plugins/countdown-block/assets/css/animate.min.css?ver=1.2.7
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
704010237b0bbe3ce746f52412c59fe5d64289b9fb11baadf8a4e266b19fe38c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 15:39:19 GMT
server
LiteSpeed
etag
"115b3-65d37627-19add75c99b28720;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4667
expires
Mon, 26 Feb 2024 19:00:35 GMT
style.css
rfreward.com/wp-content/plugins/countdown-block/dist/ 		262 B
323 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/plugins/countdown-block/dist/style.css?ver=1.2.7
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
412b4697bc6420829b4c8f58196e8b21ec4a0c53695feb5d7c762404af409750
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 15:39:19 GMT
server
LiteSpeed
etag
"106-65d37627-5d855746f7f2eac0;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
262
expires
Mon, 26 Feb 2024 19:00:35 GMT
style.min.css
rfreward.com/wp-includes/blocks/social-links/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-includes/blocks/social-links/style.min.css?ver=6.3.3
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a05c1b4a0da521d08a4fd7c477f5da8bcd7691f8e69244ec265762ddf4dd03e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 17 Oct 2023 06:22:37 GMT
server
LiteSpeed
etag
"26c9-652e282d-c15db80c4566b434;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1361
expires
Mon, 26 Feb 2024 19:00:35 GMT
style.min.css
rfreward.com/wp-includes/blocks/cover/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-includes/blocks/cover/style.min.css?ver=6.3.3
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bbc5c3ac23e7aa8868ccd7ead04b1c7865d2dc3ff14d17e2ecedf1f45523390c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 17 Oct 2023 06:22:36 GMT
server
LiteSpeed
etag
"4194-652e282c-1b2e91c6a12aa0a9;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1396
expires
Mon, 26 Feb 2024 19:00:35 GMT
eb-style-edit-site.min.css
rfreward.com/wp-content/uploads/eb-style/ 		1 KB
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/uploads/eb-style/eb-style-edit-site.min.css?ver=a164610bf4
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b74b43622fb282f126c0132c7eefc01dd840a7f050b58bb7e0980604481e2195
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 17:42:55 GMT
server
LiteSpeed
etag
"5ed-65d3931f-abc68fc2c25efae6;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
397
expires
Mon, 26 Feb 2024 19:00:35 GMT
style.css
rfreward.com/wp-content/themes/oaknut/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/themes/oaknut/style.css?ver=1.0
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8cbefe01536ddea750ee98561dc387b2fc545f6dca039cc68b7f07e28e39aea7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 31 Dec 2022 20:45:23 GMT
server
LiteSpeed
etag
"1599-63b09f63-1f9d7510147096e4;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1352
expires
Mon, 26 Feb 2024 19:00:35 GMT
cb48f6a4-40a9-4866-9ec1-84dfecf70ea0
https://rfreward.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://rfreward.com/cb48f6a4-40a9-4866-9ec1-84dfecf70ea0
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
j-trQE8pvto
www.youtube.com/embed/ Frame F2C1 		93 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77bfbcf4f274e5dc67595b0343b9e4cae70d15c64708b13ad8886f5be47ae1e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rfreward.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 19:00:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
logo-reward-Copia.png
rfreward.com/wp-content/uploads/2024/02/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rfreward.com/wp-content/uploads/2024/02/logo-reward-Copia.png
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c1bafd596549da653110198b57c86537a94e3e5ed2db9b0ecb4fae7fdf921db9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 15:31:54 GMT
server
LiteSpeed
etag
"8968-65d3746a-b906421f5373ea2d;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
35176
expires
Mon, 26 Feb 2024 19:00:35 GMT
index.js
rfreward.com/wp-content/plugins/countdown-block/dist/frontend/ 		2 KB
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/plugins/countdown-block/dist/frontend/index.js?ver=1.2.7
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bf1597150631b25cd000e8667df27db94bbea81643c6e3d73c70163ce45b664b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 15:39:19 GMT
server
LiteSpeed
etag
"722-65d37627-9d74a851005cad9a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
658
expires
Mon, 26 Feb 2024 19:00:35 GMT
eb-animation-load.js
rfreward.com/wp-content/plugins/countdown-block/assets/js/ 		2 KB
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/plugins/countdown-block/assets/js/eb-animation-load.js?ver=1.2.7
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7159e76b60dc253f3b5549d4976f680acb8980fa0afdb49652c4005133bde5d7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 19 Feb 2024 15:39:19 GMT
server
LiteSpeed
etag
"9de-65d37627-9571e396ea64475f;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
708
expires
Mon, 26 Feb 2024 19:00:35 GMT
figtree.woff2
rfreward.com/wp-content/themes/oaknut/assets/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-content/themes/oaknut/assets/fonts/figtree.woff2
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9ad88893ad156ccd68a79612d939d8be324001a947009311f126199e037272f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://rfreward.com/
Origin
https://rfreward.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 31 Dec 2022 20:45:23 GMT
server
LiteSpeed
etag
"6540-63b09f63-4ba2b3b9faecdc10;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
25920
expires
Mon, 26 Feb 2024 19:00:35 GMT
wp-emoji-release.min.js
rfreward.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rfreward.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.3
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:8:1313:0:3241:befe:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 17 Oct 2023 06:22:34 GMT
server
LiteSpeed
etag
"4904-652e282a-5debdee7290e93eb;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4605
expires
Mon, 26 Feb 2024 19:00:35 GMT
1f3af.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		1 KB
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f3af.svg
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
e6c11ef16f86c3c06a36ce4e3af7bd3ec27b7a8f1791f510b0e7a1638edbfca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:50 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f52e.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		695 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f52e.svg
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
5ba3c6d835cf3dea2bf01c07c40ca6b5575eeb87ed9a845addd06c6fcdcc9511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:59 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
1f4dc.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		912 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f4dc.svg
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
e8d2fa22f334a6e170fc4b156d677eaa3f19b23699a2b594e8f47b952bfddec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 19 Feb 2024 19:00:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
2764.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		368 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2764.svg
Requested by
Host: rfreward.com
URL: https://rfreward.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://rfreward.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Mon, 19 Feb 2024 19:00:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
368
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-player.css
www.youtube.com/s/player/5683fc5e/ Frame F2C1 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 11:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
112505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48183
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Feb 2025 11:45:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2C1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
555014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2C1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
553881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:09:14 GMT
embed.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/ Frame F2C1 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767db26e217689246aff4c65a4133f224d04f3605905df1c5071b375403ee66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:42:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
469078
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16852
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:42:37 GMT
www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame F2C1 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 13:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
19408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96927
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Feb 2025 13:37:07 GMT
base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/ Frame F2C1 		2 MB
777 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38223f05308c8bd6769c832eff7433751d148bc2bee622d80de157aafdacf06a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795368
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:42:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F2C1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e2f6692980579c0ae46810724805c64b35414d6c639425b1fb127c2ec97a738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 19 Feb 2024 19:00:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F2C1 		29 B
494 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 18:57:15 GMT
x-content-type-options
nosniff
age
201
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Feb 2024 19:12:15 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 19:00:36 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F2C1 		88 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0668c03b6afdda54aba7bc6834afcd7ff0a823cf9c440bbde6b9f932f2866d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41407
x-xss-protection
0
remote.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/ Frame F2C1 		117 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2852477cf5149a6cdc099bddc595e1351a0d760196072343f4d19ed0f0cf1727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:50:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
468589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33924
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:50:46 GMT
Fp6QulWswpmLMJEWkaTJt3cp4P6ZSFxx-IHTkppzlzQ.js
www.google.com/js/th/ Frame F2C1 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Fp6QulWswpmLMJEWkaTJt3cp4P6ZSFxx-IHTkppzlzQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
169e90ba55acc2998b30911691a4c9b77729e0fe99485c71f881d3929a739734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 03:59:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
226889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19965
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Feb 2025 03:59:07 GMT
sddefault.jpg
i.ytimg.com/vi/j-trQE8pvto/ Frame F2C1 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/j-trQE8pvto/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEAgUihlMA8=&rs=AOn4CLAT0COVyLA68pDaBzfyHUt97UKYUw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cfcdb986d8f68134c100afd40462717e1308479ef2fad6c28c0218ddae0602d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23356
x-xss-protection
0
server
sffe
etag
"1708362181"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 19 Feb 2024 19:05:36 GMT
truncated
/ Frame F2C1 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
HTw7R-s0ABfHg5XrfgROUAOWtEWu8NvfrtpTOLLiwV9RohPqnJPjbAY8paWTpnBEbMinUvzlN6E=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame F2C1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/HTw7R-s0ABfHg5XrfgROUAOWtEWu8NvfrtpTOLLiwV9RohPqnJPjbAY8paWTpnBEbMinUvzlN6E=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2cdd0de7508cc9cbce5b67f827bab591d8970971e7538199d2e7f992ba445552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 17:58:58 GMT
x-content-type-options
nosniff
age
3698
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3193
x-xss-protection
0
server
fife
etag
"v2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Feb 2024 17:58:58 GMT
generate_204
www.youtube.com/ Frame F2C1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?8BMuWA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F2C1 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 19:00:36 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 19:00:36 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F2C1 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
026ac2110d276d6408eda5acbe216476587aa22629e530c169816a89999d2a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 19:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame F2C1 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 05:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 20 Feb 2024 05:08:05 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F2C1 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708369238309
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/j-trQE8pvto?feature=oembed
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Europe/Amsterdam
X-Goog-Visitor-Id
CgtsNURQSmlqc0RBayjTys6uBjIOCgJOTBIIEgQSAgsMIAs%3D
X-YouTube-Ad-Signals
dt=1708369235742&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C532%2C299&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 19 Feb 2024 19:00:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings function| isInViewport function| replaceAnimationClasses function| waitForElement object| twemoji object| wp

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 7f8lGUbMAYk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: l5DPJijsDAk

18 Console Messages

Source Level URL
Text
other warning URL: https://rfreward.com/(Line 155)
Message:
Unrecognized feature: 'web-share'.
deprecation warning URL: https://rfreward.com/wp-content/plugins/countdown-block/assets/js/eb-animation-load.js?ver=1.2.7(Line 25)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://rfreward.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
rfreward.com
s.w.org
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
192.0.77.48
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2016
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2006
2a02:4780:8:1313:0:3241:befe:2
026ac2110d276d6408eda5acbe216476587aa22629e530c169816a89999d2a96
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
169e90ba55acc2998b30911691a4c9b77729e0fe99485c71f881d3929a739734
1ca0caea0872d660e44f19a9a8973530f34cb97f50bda93a572ffab0d7dee43e
2852477cf5149a6cdc099bddc595e1351a0d760196072343f4d19ed0f0cf1727
2cdd0de7508cc9cbce5b67f827bab591d8970971e7538199d2e7f992ba445552
38223f05308c8bd6769c832eff7433751d148bc2bee622d80de157aafdacf06a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412b4697bc6420829b4c8f58196e8b21ec4a0c53695feb5d7c762404af409750
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba3c6d835cf3dea2bf01c07c40ca6b5575eeb87ed9a845addd06c6fcdcc9511
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6e2f6692980579c0ae46810724805c64b35414d6c639425b1fb127c2ec97a738
704010237b0bbe3ce746f52412c59fe5d64289b9fb11baadf8a4e266b19fe38c
7159e76b60dc253f3b5549d4976f680acb8980fa0afdb49652c4005133bde5d7
77bfbcf4f274e5dc67595b0343b9e4cae70d15c64708b13ad8886f5be47ae1e5
8767db26e217689246aff4c65a4133f224d04f3605905df1c5071b375403ee66
8cbefe01536ddea750ee98561dc387b2fc545f6dca039cc68b7f07e28e39aea7
8cfcdb986d8f68134c100afd40462717e1308479ef2fad6c28c0218ddae0602d
9ad88893ad156ccd68a79612d939d8be324001a947009311f126199e037272f5
a05c1b4a0da521d08a4fd7c477f5da8bcd7691f8e69244ec265762ddf4dd03e9
b74b43622fb282f126c0132c7eefc01dd840a7f050b58bb7e0980604481e2195
bbc5c3ac23e7aa8868ccd7ead04b1c7865d2dc3ff14d17e2ecedf1f45523390c
bf1597150631b25cd000e8667df27db94bbea81643c6e3d73c70163ce45b664b
c1bafd596549da653110198b57c86537a94e3e5ed2db9b0ecb4fae7fdf921db9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0668c03b6afdda54aba7bc6834afcd7ff0a823cf9c440bbde6b9f932f2866d2
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c11ef16f86c3c06a36ce4e3af7bd3ec27b7a8f1791f510b0e7a1638edbfca2
e8d2fa22f334a6e170fc4b156d677eaa3f19b23699a2b594e8f47b952bfddec3
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660