urlscan.io logo urlscan.io
SecurityTrails logo

healthglenmasdetepa.cf Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://healthglenmasdetepa.cf/
Submission: On November 01 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is healthglenmasdetepa.cf.
This is the only time healthglenmasdetepa.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
healthglenmasdetepa.cf
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:b6e0:1:210:226::1 (France)

ASN60362 (ALWAYSDATA, FR)
moncoachingseduction.com
1    69.90.60.47 (Toronto, Canada)

ASN196962 (NSI, GB)
PTR: shared-2-1-to.ropot.net
nsiholdingsltd.com
2    138.201.81.170 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.170.81.201.138.clients.your-server.de
slideplayer.fr
8    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    188.165.251.41 (France)

ASN16276 (OVH, FR)
PTR: pancake.ecookie.fr
static.hitek.fr
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
991 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
jnn-pa.googleapis.com — Cisco Umbrella Rank: 207
33 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
62 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 255
1 KB
2 hitek.fr
static.hitek.fr
51 KB
2 slideplayer.fr
slideplayer.fr
79 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 219
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 87
20 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 nsiholdingsltd.com
nsiholdingsltd.com
54 KB
1 moncoachingseduction.com
moncoachingseduction.com
10 KB
1 healthglenmasdetepa.cf
healthglenmasdetepa.cf
16 KB
0 2018calendrier.fr Failed
www.2018calendrier.fr Failed
28 13
Domain Requested by
8 www.youtube.com healthglenmasdetepa.cf
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 static.hitek.fr 1 redirects healthglenmasdetepa.cf
2 slideplayer.fr 1 redirects healthglenmasdetepa.cf
1 www.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 nsiholdingsltd.com healthglenmasdetepa.cf
1 moncoachingseduction.com healthglenmasdetepa.cf
1 fonts.googleapis.com healthglenmasdetepa.cf
1 healthglenmasdetepa.cf
0 www.2018calendrier.fr Failed healthglenmasdetepa.cf
28 16

This site contains no links.

Subject Issuer Validity Valid
moncoachingseduction.com
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
www.nsiholdingsltd.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://healthglenmasdetepa.cf/
Frame ID: 9B3A5C42406B66BDAEE238379F0DE2F3
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mong54no2TI
Frame ID: 27630737BB65C2D64075C542F1243076
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Site de rencontres : Réussir son Profil

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

28
Requests

75 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1334 kB
Transfer

3769 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://slideplayer.fr/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg HTTP 301
  • http://slideplayer.fr/slide/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg
Request Chain 6
  • http://static.hitek.fr/img/actualite/petites-annonces9.jpg HTTP 301
  • https://static.hitek.fr/img/actualite/petites-annonces9.jpg
Request Chain 14
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
healthglenmasdetepa.cf/ 		50 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://healthglenmasdetepa.cf/
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2267d0a90a701af05e604bf2ea0cc56608b36a1724f2f329a77fe21bd4d07a2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
81f09df81fdd0095-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Nov 2023 02:13:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCz91xwIoDpOo5cmahU9cSryF3qdkXla0K9mFGoe0TWKrZKmAGD1h5n5BaXKaYpuZrYCoCe7RDLBdcDZGqA1OQOhMUrVvC4Zywuqr3jZS7ZDwlCdaoogZjxNlUAJv81jbp9rGkHQV%2FOrafQXWiDOqrTffT46"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6402c24aab06940f5be9bd249dabc0a2d89143ac6b2763b9f070aebe7520cc07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://healthglenmasdetepa.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 02:13:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 01 Nov 2023 02:13:11 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 01 Nov 2023 02:13:11 GMT
presentation-site-de-rencontre-exemple-cool-erreurs-a-eviter-sur-votre-profil-sur-les-sites-de-rencontres-of-presentation-site-de-rencontre-exemple.png
www.2018calendrier.fr/wp-content/uploads/2019/01/ 		0
0
Histoire-2.png
moncoachingseduction.com/wp-content/uploads/2016/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moncoachingseduction.com/wp-content/uploads/2016/02/Histoire-2.png
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:b6e0:1:210:226::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software
Apache /
Resource Hash
ffb7ac27b5eb8e620849734ba0d251e090511065a529ef565c802a2cbfc3f8fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://healthglenmasdetepa.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
via
2.0 alproxy
last-modified
Tue, 15 Nov 2022 09:13:52 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=10368000, public
accept-ranges
bytes
content-length
10336
expires
Thu, 29 Feb 2024 02:13:11 GMT
la-page.jpg
nsiholdingsltd.com/wp-content/themes/nsi/images/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsiholdingsltd.com/wp-content/themes/nsi/images/la-page.jpg
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.90.60.47 Toronto, Canada, ASN196962 (NSI, GB),
Reverse DNS
shared-2-1-to.ropot.net
Software
nginx /
Resource Hash
42c3a60f511fd8d76dbb803bfb3ceb9a6db24c207ef11432f881e58c1c9c3c1c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: 'unsafe-inline' data: https://secure.gravatar.com https://s.w.org https://wordpress.org https://ps.w.org data:; font-src 'self' fonts.gstatic.com data:; object-src 'none'; script-src 'self' https://*.google.com *.gstatic.com 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' wss://kittpress.com; child-src 'self'; frame-src https: gstatic.com
Strict-Transport-Security max-age=63072000
X-Content-Security-Policy allow 'self'; media-src *; img-src * 'self'; script-src 'self' https://ajax.googleapis.com; https://*.google.com; style-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://healthglenmasdetepa.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src 'self' data: 'unsafe-inline' data: https://secure.gravatar.com https://s.w.org https://wordpress.org https://ps.w.org data:; font-src 'self' fonts.gstatic.com data:; object-src 'none'; script-src 'self' https://*.google.com *.gstatic.com 'unsafe-inline' 'unsafe-eval' https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' wss://kittpress.com; child-src 'self'; frame-src https: gstatic.com
last-modified
Thu, 31 Jan 2019 13:24:59 GMT
server
nginx
referrer-policy
strict-origin
etag
"d550-580c0f3fbe0c0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
54608
x-xss-protection
1; mode=block
x-content-security-policy
allow 'self'; media-src *; img-src * 'self'; script-src 'self' https://ajax.googleapis.com; https://*.google.com; style-src 'self';
Le%20site%20pour%20rencontrer%20des%20militaires.jpg
slideplayer.fr/slide/5493660/17/images/7/
Redirect Chain
  • http://slideplayer.fr/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg
  • http://slideplayer.fr/slide/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg
78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://slideplayer.fr/slide/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
HTTP/1.1
Server
138.201.81.170 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.170.81.201.138.clients.your-server.de
Software
nginx /
Resource Hash
381bf57fe734b12e3997d6e7b053a19fac62e798789bc7f7723e6b723513386d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://healthglenmasdetepa.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 02:13:11 GMT
Last-Modified
Sun, 19 Jul 2015 03:36:57 GMT
Server
nginx
Cloud-Cache-Backend-Server
nginx-135
ETag
"55ab1b59-13959"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Link
<https://slideplayer.fr/slide/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg>; rel="canonical"
Content-Length
80217

Redirect headers

Location
http://slideplayer.fr/slide/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg
Date
Wed, 01 Nov 2023 02:13:11 GMT
Server
nginx
Connection
keep-alive
Link
<https://slideplayer.fr/5493660/17/images/7/Le%20site%20pour%20rencontrer%20des%20militaires.jpg>; rel="canonical"
Content-Length
162
Content-Type
text/html
mong54no2TI
www.youtube.com/embed/ Frame 2763 		91 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/mong54no2TI
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a9a1045352e4c16baa3fe43c3fa39f884bafd116b376aeda016d8c899b6ebe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://healthglenmasdetepa.cf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 02:13:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
petites-annonces9.jpg
static.hitek.fr/img/actualite/
Redirect Chain
  • http://static.hitek.fr/img/actualite/petites-annonces9.jpg
  • https://static.hitek.fr/img/actualite/petites-annonces9.jpg
50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.hitek.fr/img/actualite/petites-annonces9.jpg
Requested by
Host: healthglenmasdetepa.cf
URL: http://healthglenmasdetepa.cf/
Protocol
HTTP/1.1
Server
188.165.251.41 , France, ASN16276 (OVH, FR),
Reverse DNS
pancake.ecookie.fr
Software
nginx/1.2.1 /
Resource Hash
2a339c1c73ad8cb3d50d5459e35c1b437cb10dd0116cfbe2f639a81afd36d5c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://healthglenmasdetepa.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 01 Nov 2023 02:12:25 GMT
Last-Modified
Tue, 10 Jun 2014 16:02:49 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51269
Expires
Thu, 31 Oct 2024 02:12:25 GMT

Redirect headers

Location
https://static.hitek.fr/img/actualite/petites-annonces9.jpg
Date
Wed, 01 Nov 2023 02:12:25 GMT
Server
nginx/1.2.1
Connection
keep-alive
Content-Length
184
Content-Type
text/html
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v14/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://healthglenmasdetepa.cf
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Fri, 27 Oct 2023 01:10:53 GMT
X-Content-Type-Options
nosniff
Age
435738
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
28224
X-XSS-Protection
0
Last-Modified
Wed, 13 Sep 2023 23:23:38 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 26 Oct 2024 01:10:53 GMT
www-player.css
www.youtube.com/s/player/0b285984/ Frame 2763 		377 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 00:47:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
5125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48897
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Oct 2024 00:47:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2763 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options
nosniff
age
342908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2763 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options
nosniff
age
461201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 18:06:30 GMT
embed.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 2763 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 20:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
21390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Oct 2024 20:16:41 GMT
www-embed-player.js
www.youtube.com/s/player/0b285984/www-embed-player.vflset/ Frame 2763 		320 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 01:44:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98088
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Oct 2024 01:44:41 GMT
base.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 2763 		2 MB
757 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 20:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
774827
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Oct 2024 20:29:47 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2763
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac89decb6b500c65e956fdeac45e5673997f0945e1c138f20a360a725ec99f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 01 Nov 2023 02:13:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2763 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:05:08 GMT
x-content-type-options
nosniff
age
483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 01 Nov 2023 02:20:08 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 01 Nov 2023 02:13:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2763 		69 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de9b02833a860c78f2cea89c511264b5b24c9d82e19287e493cb3e2d5bb7e9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32210
x-xss-protection
0
remote.js
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame 2763 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4b8e1f3bf00eb0c1fbf8fb9ae44acbd0f30cf75010db14bc2d4c00846116a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 20:58:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
18895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33681
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 01:55:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 30 Oct 2024 20:58:16 GMT
zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js
www.google.com/js/th/ Frame 2763 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 09:12:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
61221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14861
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Oct 2024 09:12:50 GMT
sddefault.webp
i.ytimg.com/vi_webp/mong54no2TI/ Frame 2763 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/mong54no2TI/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d014c678f2b9504c7c06a96105977db418baa85bfc1e306904f0e0ea5313fc2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19686
x-xss-protection
0
server
sffe
etag
"1550747152"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 01 Nov 2023 04:13:11 GMT
truncated
/ Frame 2763 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
APkrFKaSdq4LTtUaPN-Qh49GweC6lnwpsCztled8oaVa=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2763 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/APkrFKaSdq4LTtUaPN-Qh49GweC6lnwpsCztled8oaVa=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
145a28c8d4554771e864beed8b06bbc3851395a31b1b2f8d09d38537ff272944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 23:08:38 GMT
x-content-type-options
nosniff
age
11073
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3311
x-xss-protection
0
server
fife
etag
"v5c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:08:38 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2763 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 01 Nov 2023 02:13:11 GMT
generate_204
www.youtube.com/ Frame 2763 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?_6SOAA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/mong54no2TI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/mong54no2TI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 01 Nov 2023 02:13:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2763 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da1d46960e0b950f8d9e22767be85b6120ea6f71e88f9b50b3a62020ab7acba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 01 Nov 2023 02:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 2763 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time
1698804793462
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/mong54no2TI
X-YouTube-Client-Version
1.20231029.00.00
X-YouTube-Time-Zone
Europe/Amsterdam
X-Goog-Visitor-Id
CgtjZHJZTlhqTFdSRSi36IaqBjIICgJOTBICEgA%3D
X-YouTube-Ad-Signals
dt=1698804791323&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 01 Nov 2023 02:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Wed, 01 Nov 2023 02:13:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.2018calendrier.fr
URL
https://www.2018calendrier.fr/wp-content/uploads/2019/01/presentation-site-de-rencontre-exemple-cool-erreurs-a-eviter-sur-votre-profil-sur-les-sites-de-rencontres-of-presentation-site-de-rencontre-exemple.png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
healthglenmasdetepa.cf/ Name: ch1c
Value: b
.youtube.com/ Name: YSC
Value: 2UfZY4WJAVw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cdrYNXjLWRE

1 Console Messages

Source Level URL
Text
network error URL: https://www.2018calendrier.fr/wp-content/uploads/2019/01/presentation-site-de-rencontre-exemple-cool-erreurs-a-eviter-sur-votre-profil-sur-les-sites-de-rencontres-of-presentation-site-de-rencontre-exemple.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
healthglenmasdetepa.cf
i.ytimg.com
jnn-pa.googleapis.com
moncoachingseduction.com
nsiholdingsltd.com
slideplayer.fr
static.doubleclick.net
static.hitek.fr
www.2018calendrier.fr
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.2018calendrier.fr
138.201.81.170
188.165.251.41
2a00:1450:4001:800::200a
2a00:1450:4001:801::2016
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:b6e0:1:210:226::1
2a06:98c1:3121::3
69.90.60.47
145a28c8d4554771e864beed8b06bbc3851395a31b1b2f8d09d38537ff272944
2267d0a90a701af05e604bf2ea0cc56608b36a1724f2f329a77fe21bd4d07a2c
23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676
2a339c1c73ad8cb3d50d5459e35c1b437cb10dd0116cfbe2f639a81afd36d5c7
381bf57fe734b12e3997d6e7b053a19fac62e798789bc7f7723e6b723513386d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42c3a60f511fd8d76dbb803bfb3ceb9a6db24c207ef11432f881e58c1c9c3c1c
4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82
4a9a1045352e4c16baa3fe43c3fa39f884bafd116b376aeda016d8c899b6ebe0
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6402c24aab06940f5be9bd249dabc0a2d89143ac6b2763b9f070aebe7520cc07
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9
ac89decb6b500c65e956fdeac45e5673997f0945e1c138f20a360a725ec99f74
c4b8e1f3bf00eb0c1fbf8fb9ae44acbd0f30cf75010db14bc2d4c00846116a7c
cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba
d014c678f2b9504c7c06a96105977db418baa85bfc1e306904f0e0ea5313fc2e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da1d46960e0b950f8d9e22767be85b6120ea6f71e88f9b50b3a62020ab7acba0
de9b02833a860c78f2cea89c511264b5b24c9d82e19287e493cb3e2d5bb7e9a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ffb7ac27b5eb8e620849734ba0d251e090511065a529ef565c802a2cbfc3f8fc