urlscan.io logo urlscan.io
SecurityTrails logo

kmobifatetsteam.ga Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://kmobifatetsteam.ga/
Submission Tags: discord.fish
Submission: On June 30 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is kmobifatetsteam.ga.
This is the only time kmobifatetsteam.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
kmobifatetsteam.ga
1    109.234.162.26 (France)

ASN50474 (O2SWITCH, FR)
PTR: castro.o2switch.net
infoidevice.fr
2    2606:4700:20::681a:969 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tomsguide.fr
www.tomsguide.fr
9    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
771 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
30 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
1 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
18 KB
2 tomsguide.fr
cdn.tomsguide.fr
www.tomsguide.fr — Cisco Umbrella Rank: 469774
100 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
48 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 257
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 8
14 KB
1 infoidevice.fr
infoidevice.fr
55 KB
1 kmobifatetsteam.ga
kmobifatetsteam.ga
8 KB
23 10
Domain Requested by
9 www.youtube.com kmobifatetsteam.ga
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 www.tomsguide.fr kmobifatetsteam.ga
1 cdn.tomsguide.fr 1 redirects
1 infoidevice.fr kmobifatetsteam.ga
1 kmobifatetsteam.ga
23 13

This site contains no links.

Subject Issuer Validity Valid
infoidevice.fr
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://kmobifatetsteam.ga/
Frame ID: 3A60FBB98885CD1727C36936BF2A8F3A
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Xk6zqnE_FxY
Frame ID: D238D5D2622A481C27776E41EEEF843F
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dans l'ombre de l'App Store: le marché noir des applications mobiles

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

23
Requests

87 %
HTTPS

92 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

1046 kB
Transfer

3155 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg HTTP 301
  • https://www.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg
Request Chain 8
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kmobifatetsteam.ga/ 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kmobifatetsteam.ga/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35dcb8b506b4a9b35709fcf945196ce0cf3bad71549d0d506441f578e1eecc4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7237a3d0bbb4b7a9-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Jun 2022 14:37:26 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Du9jot8sIzEGjbIlxjfZK4cRsaiG9LHsF4nNOGg7mP7%2B%2FSbjIfPkmKFj8kf4o6tFbLocgLWnsQ3rT7dDFdoNCmGpDq%2BQ6W3WGmI8w37KO1xzZoYw0u5GTzJMoacaCEcJR4Mp603e1Ar7z17mfwfu0xw%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tweak-cydia-compatible-jailbreak-ios-12.jpg
infoidevice.fr/wp-content/uploads/2019/02/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://infoidevice.fr/wp-content/uploads/2019/02/tweak-cydia-compatible-jailbreak-ios-12.jpg
Requested by
Host: kmobifatetsteam.ga
URL: http://kmobifatetsteam.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.162.26 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
castro.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
6870d2c2e9b9d849521d37b2faa406f6c9c1246fd6800f206207384ec28d278f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://kmobifatetsteam.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:37:27 GMT
x-content-type-options
nosniff
content-length
56006
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-lsadc-cache
hit
last-modified
Sat, 23 Feb 2019 19:50:30 GMT
server
o2switch-PowerBoost-v3
etag
"643680-1655936924;;;"
expect-ct
max-age=7776000, enforce
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=10368000, public
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 20 Oct 2022 22:28:48 GMT
smartphone-perdu-vole.jpg
www.tomsguide.fr/content/uploads/sites/2/2018/12/
Redirect Chain
  • https://cdn.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg
  • https://www.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg
99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg
Requested by
Host: kmobifatetsteam.ga
URL: http://kmobifatetsteam.ga/
Protocol
H2
Server
2606:4700:20::681a:969 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5225f5d56c014cf4f12066f68e45b992fd02f2dd58f65b5c2fe6b4e650783b08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' tomshardware.fr www.tomshardware.fr tomsguide.fr www.tomsguide.fr cms.galaxiemedia.fr amp.tomsguide.fr amp.tomshardware.fr cdn.tomsguide.fr cdn.tomshardware.fr presence-pc.fr www.presence-pc.fr presence-pc.com www.presence-pc.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://kmobifatetsteam.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:37:27 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=101786, status=webp_bigger
strict-transport-security
max-age=31536000; includeSubdomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101016
x-xss-protection
1; mode=block
last-modified
Wed, 12 Dec 2018 13:34:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PosP4j%2ByyAEtdG4Os8s3B1tJOuWrlHR3pJAbpIcBN7tOxGrgyg8tFAE%2BIllbnAM%2B9m1Xk77VqsgESdBjEjQQYZpMJpkrgtN6HlKXGcqQ7JXNLAJ21e5VzOUAjwWWA1z3kjMoKOGg07pc6Pke7K8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' tomshardware.fr www.tomshardware.fr tomsguide.fr www.tomsguide.fr cms.galaxiemedia.fr amp.tomsguide.fr amp.tomshardware.fr cdn.tomsguide.fr cdn.tomshardware.fr presence-pc.fr www.presence-pc.fr presence-pc.com www.presence-pc.com;
accept-ranges
bytes
cf-ray
7237a3d6edc7b992-AMS
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 30 Jun 2022 14:37:27 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXUyq2LfxrBXa0MG5%2BXHZUuUr2mH35Vnp%2F%2FQ7G0auluFYft66mCgc1WVtJeIjN3lUe8pg7xLcK2%2Fi7e2yITgcHujQHkwy7CBF059bw1Mc%2BQA4w2DM2rTHHgLlP72V52Wi1zgkIBOLXdTFOi6DmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.tomsguide.fr/content/uploads/sites/2/2018/12/smartphone-perdu-vole.jpg
vary
Accept-Encoding
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' tomshardware.fr www.tomshardware.fr tomsguide.fr www.tomsguide.fr cms.galaxiemedia.fr amp.tomsguide.fr amp.tomshardware.fr cdn.tomsguide.fr cdn.tomshardware.fr presence-pc.fr www.presence-pc.fr presence-pc.com www.presence-pc.com;
cf-ray
7237a3d5ec14b992-AMS
Xk6zqnE_FxY
www.youtube.com/embed/ Frame D238 		63 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Xk6zqnE_FxY
Requested by
Host: kmobifatetsteam.ga
URL: http://kmobifatetsteam.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef9df007e565d49fdf185b2a86f0d4b687955c2c73917c6b1be40c34cc4af0e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://kmobifatetsteam.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 30 Jun 2022 14:37:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/bc3f94c3/ Frame D238 		339 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd46e809f37664665b67394303719ba31f518c6c03b6bc3c7a401c1c952001af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 13:30:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
4043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47659
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 30 Jun 2023 13:30:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D238 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
163846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/ Frame D238 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20a9c6a34056688558ad52cc6ccffb58e8e476db537c3489c9db8d2d8f351b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
78489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95362
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
base.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/ Frame D238 		2 MB
556 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b120c8fa02e48539e9f1f97a016525ce98c2b237b1ebaba1eeee9089928a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 17:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
77717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569286
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 17:02:10 GMT
fetch-polyfill.js
www.youtube.com/s/player/bc3f94c3/fetch-polyfill.vflset/ Frame D238 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 16:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
78489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 16:49:18 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D238
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7f2ee340cf1a4b30732535ffcdeb736f23493f306735e06cc4cffd2106a4fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:37:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 30 Jun 2022 14:37:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D238 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:34:42 GMT
x-content-type-options
nosniff
age
165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Jun 2022 14:49:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 30 Jun 2022 14:37:27 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D238 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccd538935153e1aecacf9584e54435477c0c7692e25a94ba9334ad536b2394ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 30 Jun 2022 14:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30124
x-xss-protection
0
remote.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/ Frame D238 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40fa4a1763e8d698fc91232ef7255fc2dfed9e0ce8738f25059a5995ec06639e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 17:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
77188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37745
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 17:10:59 GMT
RaLArsxvzZvWDSadiaPkG6S0RcX7_vBx8QXaB049FR8.js
www.google.com/js/th/ Frame D238 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/RaLArsxvzZvWDSadiaPkG6S0RcX7_vBx8QXaB049FR8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a2c0aecc6fcd9bd60d269d89a3e41ba4b445c5fbfef071f105da074e3d151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
37543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13906
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 04:11:44 GMT
embed.js
www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/ Frame D238 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
763d712353363cb09f53d04958f1cffd72b8fdbfc991e320bb58d293ccee1e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 17:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
77717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8077
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 03:07:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 17:02:10 GMT
truncated
/ Frame D238 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRXs3QOUDjiNVq0d9ViQpfIdk8AEl_oT0QhtTK8Vg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D238 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRXs3QOUDjiNVq0d9ViQpfIdk8AEl_oT0QhtTK8Vg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1ffa93b2895bb2829c0e6578ad64b58e3cc966c2b15c1beed8188e03f78c4fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 12:38:16 GMT
x-content-type-options
nosniff
age
7151
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2002
x-xss-protection
0
server
fife
etag
"v336"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 10:29:42 GMT
sddefault.jpg
i.ytimg.com/vi/Xk6zqnE_FxY/ Frame D238 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Xk6zqnE_FxY/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4994ef8ff44c918b860b131b3b9130247ce171826f1a722047fce7c14668f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:17:54 GMT
x-content-type-options
nosniff
age
1173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48206
x-xss-protection
0
server
sffe
etag
"1388618435"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Jun 2022 16:17:54 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D238 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 14:37:28 GMT
generate_204
www.youtube.com/ Frame D238 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?44NZtg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Xk6zqnE_FxY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 14:37:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D238 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
204853e82a5b643fb971a6fa5cb4c1db8cd27348a3b189db86d02fb6fcd0c51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 30 Jun 2022 14:37:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 30 Jun 2022 14:37:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame D238 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/bc3f94c3/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Xk6zqnE_FxY
X-YouTube-Client-Version
1.20220628.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgt3WUQyODdVOUkzVSin6vaVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656599847576&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 30 Jun 2022 14:37:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 30 Jun 2022 14:37:30 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

3 Cookies

Domain/Path Name / Value
kmobifatetsteam.ga/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: oQj2jeK800M
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wYD287U9I3U

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tomsguide.fr
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
infoidevice.fr
jnn-pa.googleapis.com
kmobifatetsteam.ga
static.doubleclick.net
www.google.com
www.gstatic.com
www.tomsguide.fr
www.youtube.com
yt3.ggpht.com
109.234.162.26
2606:4700:20::681a:969
2a00:1450:4001:803::200a
2a00:1450:4001:808::2004
2a00:1450:4001:809::200e
2a00:1450:4001:811::2016
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a06:98c1:3120::3
1ffa93b2895bb2829c0e6578ad64b58e3cc966c2b15c1beed8188e03f78c4fe5
204853e82a5b643fb971a6fa5cb4c1db8cd27348a3b189db86d02fb6fcd0c51f
20a9c6a34056688558ad52cc6ccffb58e8e476db537c3489c9db8d2d8f351b1e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40fa4a1763e8d698fc91232ef7255fc2dfed9e0ce8738f25059a5995ec06639e
45a2c0aecc6fcd9bd60d269d89a3e41ba4b445c5fbfef071f105da074e3d151f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
5225f5d56c014cf4f12066f68e45b992fd02f2dd58f65b5c2fe6b4e650783b08
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6870d2c2e9b9d849521d37b2faa406f6c9c1246fd6800f206207384ec28d278f
72b120c8fa02e48539e9f1f97a016525ce98c2b237b1ebaba1eeee9089928a8d
763d712353363cb09f53d04958f1cffd72b8fdbfc991e320bb58d293ccee1e95
7c4994ef8ff44c918b860b131b3b9130247ce171826f1a722047fce7c14668f6
b35dcb8b506b4a9b35709fcf945196ce0cf3bad71549d0d506441f578e1eecc4
ccd538935153e1aecacf9584e54435477c0c7692e25a94ba9334ad536b2394ed
cd46e809f37664665b67394303719ba31f518c6c03b6bc3c7a401c1c952001af
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f2ee340cf1a4b30732535ffcdeb736f23493f306735e06cc4cffd2106a4fbc
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef9df007e565d49fdf185b2a86f0d4b687955c2c73917c6b1be40c34cc4af0e0