urlscan.io logo urlscan.io
SecurityTrails logo

www.tirsod.com Open in urlscan Pro
185.199.109.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tirsod.com/
Effective URL: https://www.tirsod.com/
Submission: On April 30 via api from US — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 8 domains to perform 32 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.tirsod.com.
TLS certificate: Issued by R10 on March 7th 2025. Valid for: 3 months.
This is the only time www.tirsod.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
tirsod.com
www.tirsod.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Apex Domain
Subdomains		 Transfer
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
892 KB
6 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 742
fonts.googleapis.com — Cisco Umbrella Rank: 120
jnn-pa.googleapis.com — Cisco Umbrella Rank: 420
76 KB
6 tirsod.com
tirsod.com
www.tirsod.com
506 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 10
play.google.com — Cisco Umbrella Rank: 61
23 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
47 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 72
static.doubleclick.net — Cisco Umbrella Rank: 374
664 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 239
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 110
43 KB
32 8
Domain Requested by
8 www.youtube.com www.tirsod.com
www.youtube.com
5 www.tirsod.com www.tirsod.com
4 play.google.com www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 fonts.gstatic.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.googleapis.com www.tirsod.com
1 ajax.googleapis.com www.tirsod.com
1 tirsod.com 1 redirects
32 14

This site contains links to these domains. Also see Links.

Domain
tirdelusion.crd.co
new.tirsod.com
Subject Issuer Validity Valid
www.tirsod.com
R10		 2025-03-07 -
2025-06-05		 3 months crt.sh
upload.video.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.gstatic.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
edgestatic.com
WR2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.googleusercontent.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.tirsod.com/
Frame ID: 3E7CD99160AF3B01D47BDA210A74EC6C
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/embed/F-xedRKs_Ok
Frame ID: 29F539BF5DD55ABCEFDF98812D556CCB
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EMERGENCY_PROTOCOL_ACTIVE

Page URL History Show full URLs

  1. http://tirsod.com/ HTTP 307
    https://tirsod.com/ HTTP 301
    https://www.tirsod.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

92 %
IPv6

8
Domains

14
Subdomains

14
IPs

2
Countries

1589 kB
Transfer

4410 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tirsod.com/ HTTP 307
    https://tirsod.com/ HTTP 301
    https://www.tirsod.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tirsod.com/
Redirect Chain
  • http://tirsod.com/
  • https://tirsod.com/
  • https://www.tirsod.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
0f9ba254c2267f14bb10bd27f0203189be6987e91762324645df98a39cf3d110

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
1502
content-type
text/html; charset=utf-8
date
Wed, 30 Apr 2025 07:49:19 GMT
etag
W/"67d5f9b8-1014"
expires
Wed, 30 Apr 2025 07:59:19 GMT
last-modified
Sat, 15 Mar 2025 22:05:44 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
814d4aba38b99bd6da37120954aa84ad55c5016c
x-github-request-id
63FC:6EDF6:2FB9E97:302FB5B:6811D5FE
x-proxy-cache
MISS
x-served-by
cache-cph2320027-CPH
x-timer
S1745999360.583479,VS0,VE125

Redirect headers

accept-ranges
bytes
age
0
content-length
162
content-type
text/html
date
Wed, 30 Apr 2025 07:49:19 GMT
location
https://www.tirsod.com/
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
4b44b8a3f1e2f5ea69b36de02f8d2fc2d72560a7
x-github-request-id
F3E8:776E9:2EDF94A:2F55412:6811D5FF
x-served-by
cache-cph2320027-CPH
x-timer
S1745999359.424513,VS0,VE105
style.css
www.tirsod.com/ast/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tirsod.com/ast/style.css
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
8825283ad467fb0cbd4c8cdb9ba840b1df3f20cb91902ff2579effe007bb5f82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

x-fastly-request-id
dbf016ec952c7cb36ddd049572bcf0588edde987
content-encoding
gzip
etag
W/"67d5f9b8-1a7e"
age
0
x-github-request-id
F3E8:776E9:2EDF9F3:2F554AB:6811D5FF
expires
Wed, 30 Apr 2025 07:59:19 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Wed, 30 Apr 2025 07:49:19 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 15 Mar 2025 22:05:44 GMT
x-served-by
cache-cph2320027-CPH
x-cache-hits
0
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1745999360.745700,VS0,VE123
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1913
server
GitHub.com
tv.js
www.tirsod.com/ast/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tirsod.com/ast/tv.js
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
966e2446928081f8be540bf3c58d76cada02137af4da5d91ec35bc4ba6195085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

x-fastly-request-id
68b691098b70836416d42ce77f9a4aa40d0a8246
content-encoding
gzip
etag
W/"67d5f9b8-8f5"
age
0
x-github-request-id
6A0C:118E:F43756:F6AA54:6811D5FF
expires
Wed, 30 Apr 2025 07:59:19 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Wed, 30 Apr 2025 07:49:19 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 15 Mar 2025 22:05:44 GMT
x-served-by
cache-cph2320027-CPH
x-cache-hits
0
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1745999360.745761,VS0,VE119
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1134
server
GitHub.com
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

content-encoding
gzip
age
85412
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 08:05:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 08:05:47 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29671
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&display=swap
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/ast/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3462aa6b1f77daa3958d92ca5ea55f0b71795ba8862ab3b274281cfc29729b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 30 Apr 2025 07:49:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 07:49:20 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 30 Apr 2025 06:11:42 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
F-xedRKs_Ok
www.youtube.com/embed/ Frame 29F5 		101 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/F-xedRKs_Ok
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9924641f21eacb37f0d8644db2faf61c25db73e1580b21118bed55cfa3712944
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.tirsod.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Apr 2025 07:49:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=da for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
staticbg3.gif
www.tirsod.com/ast/ 		499 KB
499 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tirsod.com/ast/staticbg3.gif
Requested by
Host: www.tirsod.com
URL: https://www.tirsod.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
d094695d5260114fb1e67de65e796f350286a10863d835517e5df05801c57a72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

x-fastly-request-id
03e1cbc5e51bb034b524ec5b25c3b995c4df5741
etag
"67d5f9b8-7cb64"
age
0
x-github-request-id
3EB2:2FA52D:64AD07:65A48B:6811D5F6
expires
Wed, 30 Apr 2025 07:59:20 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Wed, 30 Apr 2025 07:49:20 GMT
content-type
image/gif
last-modified
Sat, 15 Mar 2025 22:05:44 GMT
x-cache-hits
0
x-served-by
cache-cph2320027-CPH
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1745999360.125877,VS0,VE144
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
510820
server
GitHub.com
www-player.css
www.youtube.com/s/player/fded239a/ Frame 29F5 		440 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fded239a/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb4bf63f90087a5f7434064089247863bcd6eb1e991649ceb19689e1437f270a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

content-encoding
br
age
6469
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 30 Apr 2026 06:01:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 06:01:31 GMT
last-modified
Mon, 28 Apr 2025 04:08:56 GMT
content-type
text/css
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
54378
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
128773
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 28 Apr 2026 20:03:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 28 Apr 2025 20:03:07 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 29F5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.youtube.com
Referer
https://www.youtube.com/

Response headers

age
85127
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 08:10:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 08:10:33 GMT
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15552
x-xss-protection
0
server
sffe
embed.js
www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/ Frame 29F5 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80816babfbd4b01a79c6913051c9617479af40262c1a12b2362286f0fade23a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

content-encoding
br
age
86300
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 07:51:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 07:51:00 GMT
last-modified
Mon, 28 Apr 2025 04:08:56 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
9629
x-xss-protection
0
server
sffe
www-embed-player.js
www.youtube.com/s/player/fded239a/www-embed-player.vflset/ Frame 29F5 		339 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fded239a/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f59770a231d8eb13ca4f07037ae136bb1c0eeecfc832ed5b70929e8940ca3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

content-encoding
br
age
8000
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 30 Apr 2026 05:36:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 05:36:00 GMT
last-modified
Mon, 28 Apr 2025 04:08:56 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
103140
x-xss-protection
0
server
sffe
base.js
www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/ Frame 29F5 		2 MB
648 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f735bac6483a3af395d9a8baef81aa4c034e51182e6ee6e22328fa0ce51851c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

content-encoding
br
age
85470
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 08:04:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 08:04:50 GMT
last-modified
Mon, 28 Apr 2025 04:08:56 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
663581
x-xss-protection
0
server
sffe
id
googleads.g.doubleclick.net/pagead/ Frame 29F5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H3
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3881d1a856a6841cca6ade5dd68451d02717dc72c74d6d87e51c6dd074b49808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 30 Apr 2025 07:49:21 GMT
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
120
x-xss-protection
0
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 30 Apr 2025 07:49:21 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
content-length
0
x-xss-protection
0
server
cafe
ad_status.js
static.doubleclick.net/instream/ Frame 29F5 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

age
254
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Wed, 30 Apr 2025 08:00:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 07:45:07 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
content-type
text/javascript
cache-control
public, max-age=900
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
29
x-xss-protection
0
server
sffe
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 30 Apr 2025 07:49:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
remote.js
www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/ Frame 29F5 		121 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22fafb914174daf06899e7e3fc0667557256b3c9ecd83a58954cb57ce6010d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

content-encoding
br
age
86299
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 07:51:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 07:51:01 GMT
last-modified
Mon, 28 Apr 2025 04:08:56 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
36132
x-xss-protection
0
server
sffe
zy9rNhS9wlhNVTKoH2dvsgD5_XMSUSRS4-UwaGEJmsU.js
www.google.com/js/th/ Frame 29F5 		58 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/zy9rNhS9wlhNVTKoH2dvsgD5_XMSUSRS4-UwaGEJmsU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2f6b3614bdc2584d5532a81f676fb200f9fd7312512452e3e5306861099ac5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
br
age
85261
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Wed, 29 Apr 2026 08:08:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 08:08:20 GMT
last-modified
Mon, 07 Apr 2025 13:30:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
22410
x-xss-protection
0
server
sffe
sddefault.webp
i.ytimg.com/vi_webp/F-xedRKs_Ok/ Frame 29F5 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/F-xedRKs_Ok/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0250b9fd9581a04606643c5fa15ccc7b0a6218304f6b8b18110be005873fef83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

cache-control
public, max-age=7200
etag
"1607881417"
cross-origin-resource-policy
cross-origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 30 Apr 2025 09:49:21 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
43238
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
image/webp
vary
Origin
server
sffe
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 29F5 		98 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
436722de8a1441304753087f95819045bcd1088724df7e12b215cea8d5a89c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46106
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
truncated
/ Frame 29F5 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
AIdro_k9F5SUja1oWEmoqWAK5R0K9s4mnBUYHh7WaC8EobVxN6s=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 29F5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIdro_k9F5SUja1oWEmoqWAK5R0K9s4mnBUYHh7WaC8EobVxN6s=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44d3e0885960b577ca0d7ce9e004513a9bc2bcb81f9a5149ead941a66da5d84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

access-control-expose-headers
Content-Length
etag
"ve1"
x-content-type-options
nosniff
expires
Thu, 01 May 2025 07:49:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 07:49:21 GMT
content-type
image/jpeg
vary
Origin
content-disposition
inline;filename="unnamed.jpg"
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2624
x-xss-protection
0
server
fife
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 29F5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Wed, 30 Apr 2025 07:49:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Apr 2025 07:49:21 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
generate_204
www.youtube.com/ Frame 29F5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ScPWhg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/F-xedRKs_Ok
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/embed/F-xedRKs_Ok

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 30 Apr 2025 07:49:21 GMT
cross-origin-resource-policy
cross-origin
log
play.google.com/ Frame 29F5 		131 B
420 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
cast_sender.js
www.gstatic.com/eureka/clank/135/ Frame 29F5 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/135/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
978c0005866b49f1cd5971cfabe015f3750d6c5a6c7ca43c54e7e57ba4429dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.youtube.com/

Response headers

content-encoding
gzip
age
56598
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Wed, 30 Apr 2025 16:06:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Apr 2025 16:06:03 GMT
last-modified
Mon, 03 Mar 2025 16:07:17 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
14174
x-xss-protection
0
server
sffe
skull.ico
www.tirsod.com/ast/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tirsod.com/ast/skull.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
ad5822a4291051bec117d48cba935eda42c1dd7e00ba31344a5e42001227fe44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.tirsod.com/

Response headers

x-fastly-request-id
2472ef23ea47c64bc0b9c042e1c7f8d39322955b
content-encoding
gzip
etag
W/"67d5f9b8-47e"
age
0
x-github-request-id
6A0A:2FA52D:64AF44:65A6C9:6811D600
expires
Wed, 30 Apr 2025 07:59:21 GMT
x-proxy-cache
MISS
x-cache
MISS
date
Wed, 30 Apr 2025 07:49:21 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sat, 15 Mar 2025 22:05:44 GMT
x-served-by
cache-cph2320027-CPH
x-cache-hits
0
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1745999361.352274,VS0,VE119
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
767
server
GitHub.com
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 30 Apr 2025 07:49:21 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 29F5 		90 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a418755e6c5556825744337ce1ac32b33543bb5ad959a9c98859f7e31e3a6776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/json+protobuf

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
application/json+protobuf; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
log
play.google.com/ Frame 29F5 		131 B
195 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 29F5 		131 B
195 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 30 Apr 2025 07:49:21 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 29F5 		131 B
151 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?hasfast=true&authuser=0&format=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/player_ias.vflset/da_DK/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.youtube.com/

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.youtube.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 30 Apr 2025 07:49:22 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log_event
www.youtube.com/youtubei/v1/ Frame 29F5 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fded239a/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-YouTube-Page-CL
752129847
X-YouTube-Utc-Offset
120
Referer
https://www.youtube.com/embed/F-xedRKs_Ok
X-YouTube-Device
cbr=Chrome&cbrver=135.0.0.0&ceng=WebKit&cengver=537.36&cos=X11&cplatform=DESKTOP
X-YouTube-Client-Name
56
X-YouTube-Ad-Signals
dt=1745999360643&flash=0&frm=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C600%2C340&vis=1&wgl=true&ca_type=image
X-Goog-Event-Time
1745999363331
X-YouTube-Client-Version
1.20250427.21.00
X-Goog-Visitor-Id
Cgs0UGJXTTZBaTJzQSiArMfABjInCgJESxIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiAe
X-Goog-Request-Time
1745999363331
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
X-YouTube-Time-Zone
Europe/Copenhagen
Content-Type
application/json
X-YouTube-Page-Label
youtube.player.web_20250427_21_RC00

Response headers

content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
date
Wed, 30 Apr 2025 07:49:23 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| welcome string| selectedMessage string| printedMessage function| addLetter function| $ function| jQuery object| welcomeMessages number| n

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: aHBHtMATbKU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4PbWM6Ai2sA
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJESxIhEh0SGwsMDg8QERITFBUWFxgZGhscHR4fICEiIyQlJiAe
.youtube.com/ Name: __Secure-ROLLOUT_TOKEN
Value: CODNpaTEhfKrzAEQ79yXvaL_jAMY79yXvaL_jAM%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
play.google.com
static.doubleclick.net
tirsod.com
www.google.com
www.gstatic.com
www.tirsod.com
www.youtube.com
yt3.ggpht.com
185.199.109.153
2a00:1450:4001:801::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2016
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2006
0250b9fd9581a04606643c5fa15ccc7b0a6218304f6b8b18110be005873fef83
0f9ba254c2267f14bb10bd27f0203189be6987e91762324645df98a39cf3d110
22fafb914174daf06899e7e3fc0667557256b3c9ecd83a58954cb57ce6010d67
3462aa6b1f77daa3958d92ca5ea55f0b71795ba8862ab3b274281cfc29729b1a
3881d1a856a6841cca6ade5dd68451d02717dc72c74d6d87e51c6dd074b49808
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
436722de8a1441304753087f95819045bcd1088724df7e12b215cea8d5a89c64
44d3e0885960b577ca0d7ce9e004513a9bc2bcb81f9a5149ead941a66da5d84c
4f735bac6483a3af395d9a8baef81aa4c034e51182e6ee6e22328fa0ce51851c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
64f59770a231d8eb13ca4f07037ae136bb1c0eeecfc832ed5b70929e8940ca3f
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
80816babfbd4b01a79c6913051c9617479af40262c1a12b2362286f0fade23a2
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8825283ad467fb0cbd4c8cdb9ba840b1df3f20cb91902ff2579effe007bb5f82
966e2446928081f8be540bf3c58d76cada02137af4da5d91ec35bc4ba6195085
978c0005866b49f1cd5971cfabe015f3750d6c5a6c7ca43c54e7e57ba4429dba
9924641f21eacb37f0d8644db2faf61c25db73e1580b21118bed55cfa3712944
a418755e6c5556825744337ce1ac32b33543bb5ad959a9c98859f7e31e3a6776
ad5822a4291051bec117d48cba935eda42c1dd7e00ba31344a5e42001227fe44
cf2f6b3614bdc2584d5532a81f676fb200f9fd7312512452e3e5306861099ac5
d094695d5260114fb1e67de65e796f350286a10863d835517e5df05801c57a72
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fb4bf63f90087a5f7434064089247863bcd6eb1e991649ceb19689e1437f270a