ticketurf.onlc.fr Open in urlscan Pro
2606:4700:20::681a:1f9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ticketurf.onlc.fr/
Submission: On October 31 via manual (October 31st 2023, 2:53:30 pm UTC) from ML — Scanned from FR

Summary HTTP 64 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 64 HTTP transactions. The main IP is 2606:4700:20::681a:1f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is ticketurf.onlc.fr.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.

This is the only time ticketurf.onlc.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:20:... 2606:4700:20::681a:1f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:7a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
1	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4a21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.40.34 104.18.40.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	172.67.191.226 172.67.191.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:ba61:0:1... 2a00:ba61:0:126::c	35625 (EURAFIBRE-AS) (EURAFIBRE-AS)
64	18

1 2606:4700:20::681a:1f9 (United States)

ASN13335 (CLOUDFLARENET, US)

ticketurf.onlc.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7a2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.onlc.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

f.eu1.jwwb.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.91 (United States)

ASN54113 (FASTLY, US)

primary.jwwb.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a21 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.40.34 (None, )

ASN13335 (CLOUDFLARENET, US)

ticketurf.carrd.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.191.226 (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:ba61:0:126::c (France)

ASN35625 (EURAFIBRE-AS, FR)

rr1---sn-apaapm4g-apae.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	1017 KB
10	gstatic.com fonts.gstatic.com	222 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	95 KB
7	carrd.co ticketurf.carrd.co	319 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	38 KB
4	onlc.eu static.onlc.eu	33 KB
3	googlevideo.com rr1---sn-apaapm4g-apae.googlevideo.com — Cisco Umbrella Rank: 903526	305 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
2	shorte.st cdn.shorte.st	46 KB
2	jwwb.nl 1 redirects f.eu1.jwwb.nl primary.jwwb.nl — Cisco Umbrella Rank: 240229	2 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	tradeadexchange.com www.tradeadexchange.com	500 B
1	zryydi.com ssp.zryydi.com
1	onlc.fr ticketurf.onlc.fr	4 KB
64	15

	Domain	Requested by
15	www.youtube.com	ticketurf.carrd.co www.youtube.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	cdnjs.cloudflare.com	ticketurf.onlc.fr
7	ticketurf.carrd.co	ticketurf.onlc.fr ticketurf.carrd.co
4	jnn-pa.googleapis.com	www.youtube.com
4	static.onlc.eu	ticketurf.onlc.fr
3	rr1---sn-apaapm4g-apae.googlevideo.com	www.youtube.com
3	fonts.googleapis.com	ticketurf.onlc.fr cdnjs.cloudflare.com ticketurf.carrd.co
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	cdn.shorte.st	ticketurf.onlc.fr cdn.shorte.st
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.tradeadexchange.com	cdn.shorte.st
1	ssp.zryydi.com	cdn.shorte.st
1	primary.jwwb.nl	ticketurf.onlc.fr
1	f.eu1.jwwb.nl	1 redirects
1	ticketurf.onlc.fr
64	18

This site contains links to these domains. Also see Links.

Domain
ai.onlinecreation.pro
www.onlinecreation.me
shorte.st

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
carrd.co Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
zryydi.com E1	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tradeadexchange.com E1	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh

This page contains 3 frames:

Primary Page: https://ticketurf.onlc.fr/
Frame ID: F03E3C3447EC2E8B6AA11FACCE3D87C4
Requests: 21 HTTP requests in this frame

Frame: https://ticketurf.carrd.co/
Frame ID: 4EE11D6702033696C93ADB9A9E8A77B9
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
Frame ID: 25D34D79F98E6D1CD93CC14AA66C840C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ticketurf

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

64
Requests

97 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

4
Countries

2100 kB
Transfer

5115 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ai.onlinecreation.pro/
Title: Publicité servant à financer l'hébergement de ce site 🤖 Une Intelligence Artificielle français révolutionnaire d'une facilité extrême qui ridiculise les géants du secteur ! 🇫🇷 Découvrez AI•, votre assistant d'automatisation de texte et d'images! Laissez l'intelligence artificielle transformer vos idées en réalités visuelles. Pas besoin d'être un expert, AI• est à la portée de tous. Commencez dès maintenant!

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/?p=ticketurfNDD
Title: Site créé gratuitement grâce à OnlineCreation.me

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/mentionslegalessites.php?NomSite=ticketurfNDD
Title: Tous droits réservés

Search URL Search Domain Scan URL

URL: https://www.onlinecreation.me/abuse.php?NomSite=ticketurfNDD
Title: Abuse

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=ticketurf.onlc.fr&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://f.eu1.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png HTTP 301
https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

Request Chain 41

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ticketurf.onlc.fr/ 10 KB
4 KB 108ms
55ms Document
text/html 2606:4700:20::681a:1f9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d34fa358258bf31fc8c74a79dbcfa3bd717d25d12a40d54b2d9ee69cd4d341

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: https://www.onlinecreation.me
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81ecba3a9afb036d-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Oct 2023 14:53:25 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7MXKGCSnNHP0G8uDzI7YNeN4jlYCLhiECVlePNUhGPFFepuP9LRcSb5G%2FV%2F6KjUWUz5tHBCWH91AUNAh2LMS8%2F9Srj6Umk%2BUANiQyoDwYI6AtAHwykVHqEdTDgmis2ugdd0Fb%2F0msj3MDLU5EE%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 82 KB
26 KB 158ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 39618
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26646
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XuzciFmVUmg1nKCzMouS2cgoUUtACO2fFw57kf2DqixnKCAlPIdYFdrCADJrIH2kcnat%2FRplNWsXDZoRq6NvWLDnsjuSEWoLtn0za5Z5XDoNdSzhGyWfjKsGuGhUUnbgjFL2r%2BEw0dHPM%2Frx%2FeWWMQM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bda1e229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/ 7 KB
3 KB 155ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8284088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2687
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-a7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FhBBlWF9kCuBg9xAkzM0TcIeSuoFe%2BAY3ZhsbZUGM5Pe0x9KIXHCyoZLlRHBGZay%2FK6s9ka9Qj9QI7kCBI57e8Yd7N6v8zWYccq056VTHyyGkNdZllBxjTNcEIVK0FVvUXXsnjZpiOEhcWahKbPOxHD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bda21229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 89 KB
4 KB 179ms
64ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

960ffb23b887779d6f02c9fd745a8b2cd1ba8bdc15415a55e35d6daca4ada8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 14:53:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:53:25 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/ 120 KB
16 KB 201ms
86ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 28702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16223
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-1deac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yE9xtCbmWC%2F9vkz9RBq2BICCpJADbWfdldIYCLgjvs1Ha8oB%2B7zpjcueJtIZB1nUNzkFfJVnY2uT7pPGonbFPAQNia2HwlQpGEWuu5kjZArPSfllu3bMqnr9WjxLk7s2GjgkvpDLTWEc11NL37UfJmc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bda1d229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/ 125 KB
17 KB 163ms
48ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/bootstrap.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22da8d88b991a65fbe510fd298a0bbf96e561f2e0bd286aa0af381b5bd8b72ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20453032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16909
last-modified: Mon, 04 May 2020 16:06:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d90-1f4c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2%2BqEHntghwObuFGhJlhF%2BoBWbRwbzcGYa4KRsSCcTHXeUwdeFJw1kSunECcEsGdSOT1N%2F11BEz4LWjWjMzt7eIpk%2FJsCUijivZFPmVrPMlHWyrpqSo11yzSedyl3NM5pQ5Pr3dn0SyNsmbL%2FI9673Re"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bda1c229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 151ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2278968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4972
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wa7RtTYt4tJEWI7kkY3U%2Fn%2B4EvlynbhLve01oGLdtg2IOY%2BU0r7E%2BfCrGXY4bpfV8G5%2FSKyMF0wxiWl3Ifu1aw6SBPzPV6TiqyHp%2BC0jjzRdYEuP0XIhC%2Br9v6HBqQoP1Ry2WKJKo%2BqcrU07Ys%2BKMOO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bda16229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 vanilla_bigfooter.css
static.onlc.eu/designs/bootstrap/contents/ 403 B
781 B 140ms
28ms Stylesheet
text/css 2606:4700:20::681a:7a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/contents/vanilla_bigfooter.css
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff728822fc51255ff253b4b8555782eaf2e35d9fa2ef9b905ce3f570197f621

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2376
cf-polished: origSize=512
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 18:10:51 GMT
server: cloudflare
etag: W/"925758259"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9iH7HamByz%2BudkfsbnUFZx79Fx6IQqDmqnywOrvZcGT3d6Nl0uR%2Be5oxI%2FwnvKKZgzOBdUvpa%2FgIuj%2B%2Br%2BWAC1uyRDxdxTU%2FGVUmo7%2F7dkqP11%2FoYEce5vyOluJjWO%2FfGrLSCyUs8fwXCL2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecba3bd9e0d4fe-CDG

GET
H2 200 pills.css
static.onlc.eu/designs/bootstrap/menus/ 387 B
539 B 146ms
34ms Stylesheet
text/css 2606:4700:20::681a:7a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/menus/pills.css
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83d8cd0c14bccf28c8c3f780b50e3879952e7e9eea8af16cbdec8635d82de08

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4543
cf-polished: origSize=478
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 Feb 2016 18:09:02 GMT
server: cloudflare
etag: W/"864654470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORKJTAPl%2B7bE8dZv3O%2FLqaLCccx5Klf02nNKvhup3b12BPc7iSABpndiBmRyOrhyLrxqpELaf8a6YjxexLZsuzNQ7Xi3uaRU4TYO97rNGdPH%2BqrU0%2BXECRLkzUGHwh49gGC60BECDNW%2BdVs5"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecba3bd9e3d4fe-CDG

GET
H2 200 mediaelementplayer.min.css
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 17 KB
3 KB 172ms
61ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelementplayer.min.css

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2731917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2265
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-4392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X8Z5h0UOD2%2F4lGlGSJsUbuQX750z%2Fz6bNMCFjbjXYSN1%2F28DS5EhAzqteQPAA78swPpVyr3r9Kp%2Bk8gESgcyLB5Zm7c3tS%2BYw%2Bj4ZwOu%2Bs%2FoQLB3c%2FdbbCrFqozVahn42Si%2BY8k8oxT0m665ciKwq%2F0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bde5f2a31-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/ 61 KB
15 KB 163ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mediaelement/2.9.5/mediaelement-and-player.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12690172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15089
last-modified: Mon, 04 May 2020 16:13:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f1f-f42f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG%2FNlCbynJqaLTwwakPI4Cw8t8pF%2FLLgLLMmDT4BWmN29MC75IJIYrhcU%2Fd5ZnowgCnm1T2pker21u4GY23NLD08Ez6IyJqMEyZC9%2B%2BtMoDa65UIXmdi6DQ1ditANK7J0rxjlh%2FPpq%2FUYLOpitIaJ1UW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3bde612a31-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2

200

Pmubann.png
primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/
Redirect Chain

https://f.eu1.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png
https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

1 KB
1 KB

94ms
19ms

Image
image/webp

151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Server

151.101.1.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9041530bf582d9ce662f425bdf07bad4dfdaadb41830f4ef8e1b46a3b216d69d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
server: UploadServer
age: 1047825
etag: "dJB/VVzLnXEGWDRZjqAFiLi4Ps5A+OwrDx0TXdLSWys"
x-goog-meta-fl-original-last-modified: 2020-11-30T16:04:45Z
vary: Accept
content-type: image/webp
fastly-io-info: ifsz=1430 idim=329x20 ifmt=png ofsz=1048 odim=329x20 ofmt=webp
cache-control: public, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1048

Redirect headers

x-served-by: cache-lcy-eglc8600030-LCY
date: Tue, 31 Oct 2023 14:53:25 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1698764006.741535,VS0,VE1
x-cache: HIT
location: https://primary.jwwb.nl/public/n/c/r/temp-nfkgknlmqfnnrdgtnswy/Pmubann.png
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/ 36 KB
9 KB 65ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 37877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8641
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-8fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRO8%2F9UUr9VSeeZzIs8zI2qOfWRWMv7yvJygR5B91yqrLb5EnHY3%2Bdvsc1a9slSeDxV%2B%2BzYAoVXn6vS%2FU8J0neiUrUo9I3OPYA%2FClurf6wsCiM88rlgYlSQbxtT2iBPAjw0VTfp5CrD2nc4UpbVt%2B%2F%2BH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81ecba3c7b47229c-CDG
expires: Sun, 20 Oct 2024 14:53:25 GMT

GET
H2 200 images-sizer.js Show response
static.onlc.eu/designs/bootstrap/scripts/ 465 B
592 B 37ms
36ms Script
application/javascript 2606:4700:20::681a:7a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.onlc.eu/designs/bootstrap/scripts/images-sizer.js
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76239ac4f24cf0979baa27e7a5a25c712ebc3c7c5934754c19358c2e96afc5c5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2376
cf-polished: origSize=620
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 07 Feb 2016 13:48:36 GMT
server: cloudflare
etag: W/"3994891144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3bMMQJKNzmzFn%2FRw98bHdZGTzh7HjaZqNzt%2FffkutGfVgCqDGsHJ8gpUUUGfMzQ2rCLVyw6yPYFEGLjj6pJOBbJr9diz2ibWkd6mRGth5dX6C%2FF4K3gLoLjIZn7mEL9ZtxW%2FWIy38JeBknj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 81ecba3cbb3fd4fe-CDG

GET
H2 200 css
fonts.googleapis.com/ 5 KB
774 B 37ms
34ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bootswatch/3.3.5/simplex/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cdnjs.cloudflare.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:32:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:53:25 GMT

GET
H2 200 link-converter.min.js Show response
cdn.shorte.st/ 116 KB
45 KB 133ms
40ms Script
application/javascript 2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1041
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upQeUK4uh0d3HH3dTH%2Bg0uMhocZ9NEQ6zszF1DhrSz7SgiQdPMf0LP2yj4po5bPQhu03ljiOwqaVbdgixktiHuoVT9lmuGOXYmvgYVgfzI6LoW5l6T8L0ZgmipoQj3lWtPC8eVUUxJIHjRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-id: shn08
cache-control: max-age=14400
cf-ray: 81ecba3d5b1dd646-CDG
expires: Tue, 31 Oct 2023 15:36:04 GMT

GET
H2 200 / Show response
ticketurf.carrd.co/ Frame 4EE1 31 KB
8 KB 409ms
307ms Document
text/html 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ticketurf.carrd.co/
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2b09c529194a3cba6460ceef689e4bc2b34ed5a8be77e9557b130c7d976c74

Request headers

Referer: https://ticketurf.onlc.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 81ecba3d6b9600c8-CDG
content-encoding: gzip
content-type: text/html
date: Tue, 31 Oct 2023 14:53:26 GMT
expires: Tue, 31 Oct 2023 14:53:26 GMT
last-modified: Mon, 30 Oct 2023 21:02:09 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 163339832361.png
static.onlc.eu/ticketurfNDD/ 30 KB
31 KB 60ms
60ms Image
image/webp 2606:4700:20::681a:7a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.onlc.eu/ticketurfNDD/163339832361.png
Requested by: Host: ticketurf.onlc.fr
URL: https://ticketurf.onlc.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f281b5cd43af5b46678768a3d7d7105e546c3afbdff2a0ec5f09dc9d5b0b8c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288
cf-polished: origFmt=png, origSize=37064
content-disposition: inline; filename="163339832361.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31056
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Oct 2021 01:45:23 GMT
server: cloudflare
etag: "3612979649"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuYTUSU%2BIUfCdQsiC3ltqh5lK7F6WYzZwbtE0p8bvCRKnCKZgcMNP7YJBsuT2gq2vkSZGjNpd81R9mfkGpXKZUpToEerYmxg%2BcgAxnhdNXNTiJHwjoSUOzhFRghADI%2FRYfIW71ioaDqq9dS7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 81ecba3ceb83d4fe-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 123ms
26ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.onlc.fr
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 419732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:17:53 GMT

GET
H2 404 /
ssp.zryydi.com/bid/ 0
0 699ms
637ms Script
text/html 172.67.191.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=ba935990d51070c1473f34dccb0914e4&url=https%3A%2F%2Fticketurf.onlc.fr%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1698764006061
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.191.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 66ms
65ms Stylesheet
text/css 2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 425
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LbhQ1Ni9LyvvMNII2rwdnCmJvEnQghgY%2FFlVodb%2FBQ5Xd2xK4%2FyZyNLjuT7lldlPF9OImxyXN3su3bOJWPxIWlc1puBE%2F8Gbgo%2F26fH9BncrfpnYoLEEx94iz5pHtEst03o516NxF60p%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server-id: shn08
cache-control: max-age=14400
cf-ray: 81ecba3dfc51d646-CDG
expires: Tue, 31 Oct 2023 15:46:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4EE1 24 KB
1 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Roboto+Slab:ital,wght@0,400;0,700;1,400;1,700&family=Red+Hat+Text:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Roboto:ital,wght@0,100;0,400;0,700;1,100;1,400;1,700&family=Rozha+One:ital,wght@0,400;1,400

Requested by

Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c647eebd5f54c0b6123aae7f93307f3b8d61efe9da88e462627643dce35a87c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Oct 2023 14:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 14:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Oct 2023 14:53:26 GMT

GET
H2 200 image05.jpg
ticketurf.carrd.co/assets/images/ Frame 4EE1 19 KB
19 KB 33ms
32ms Image
image/jpeg 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image05.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e59d1a8b0ad29ff122aec2f40f5d87cbde1f5817d205d97b8dccf87f50b13e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 29 Oct 2023 19:09:27 GMT
server: cloudflare
age: 64059
etag: "4cf8-608dfa91830c0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f5eb500c8-CDG
content-length: 19704
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 image03.gif
ticketurf.carrd.co/assets/images/ Frame 4EE1 21 KB
21 KB 44ms
43ms Image
image/gif 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image03.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b242e6c66ae210740511e7719910bff0122d861698221c8a34262ee25ce5b17d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 19:43:49 GMT
server: cloudflare
age: 64059
etag: "5251-608e023f5e918"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f5eb700c8-CDG
content-length: 21073
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 image07.gif
ticketurf.carrd.co/assets/images/ Frame 4EE1 739 B
817 B 63ms
49ms Image
image/gif 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image07.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbea78d5474714bd51b0195ee65be709e8cdfad9bd9b4c02f82d065b7eaa9bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 64059
etag: "2e3-601e7865a02d8"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f7ed500c8-CDG
content-length: 739
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 image04.gif
ticketurf.carrd.co/assets/images/ Frame 4EE1 36 KB
36 KB 57ms
43ms Image
image/gif 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image04.gif?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8e6c921954a15b064e7aa23783df4ffb7ea8fe3a1e1e6e5d2e8be0bbe27ee3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 64059
etag: "8e1f-601e7865b3b58"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f7ed700c8-CDG
content-length: 36383
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 image01.jpg
ticketurf.carrd.co/assets/images/ Frame 4EE1 25 KB
25 KB 49ms
35ms Image
image/jpeg 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/image01.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaef72238a71c5bfebcad0d1d17e648eb40b45951ed771c55148770e2f4d88dd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 03:45:22 GMT
server: cloudflare
age: 64059
etag: "64bb-601e87e3b6898"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f7ed800c8-CDG
content-length: 25787
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 XSho6acgbtE Show response
www.youtube.com/embed/ Frame 25D3 94 KB
42 KB 213ms
117ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Requested by

Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe6974ed14495d20d98e0f424bedb7adc0fabd87f808052aed4c750f2f51b269

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ticketurf.carrd.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Oct 2023 14:53:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg.jpg
ticketurf.carrd.co/assets/images/ Frame 4EE1 209 KB
209 KB 50ms
49ms Image
image/jpeg 104.18.40.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketurf.carrd.co/assets/images/bg.jpg?v=503d0d41
Requested by: Host: ticketurf.carrd.co
URL: https://ticketurf.carrd.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.40.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a93cbab2025cad0e835b226fc0b3978a2bcec8856d56c9cbf38dbfdc2913af1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.carrd.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Wed, 02 Aug 2023 02:36:03 GMT
server: cloudflare
age: 64058
etag: "342ea-601e786586c98"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 81ecba3f8ee700c8-CDG
content-length: 213738
expires: Tue, 07 Nov 2023 14:53:26 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/ Frame 4EE1 34 KB
34 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto+Slab:ital,wght@0,400;0,700;1,400;1,700&family=Red+Hat+Text:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Roboto:ital,wght@0,100;0,400;0,700;1,100;1,400;1,700&family=Rozha+One:ital,wght@0,400;1,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 17:13:42 GMT
x-content-type-options: nosniff
age: 337184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34328
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 17:13:42 GMT

GET
H2 200 RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2
fonts.gstatic.com/s/redhattext/v14/ Frame 4EE1 27 KB
27 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/redhattext/v14/RrQXbohi_ic6B3yVSzGBrMxQaKct.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 22:34:34 GMT
x-content-type-options: nosniff
age: 404332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27980
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:17:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 22:34:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EE1 15 KB
15 KB 40ms
38ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 384394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EE1 15 KB
16 KB 49ms
47ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:27:12 GMT
x-content-type-options: nosniff
age: 293174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 05:27:12 GMT

GET
H2 200 KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EE1 17 KB
17 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 04:08:21 GMT
x-content-type-options: nosniff
age: 470705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17060
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 04:08:21 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4EE1 17 KB
17 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 16:18:35 GMT
x-content-type-options: nosniff
age: 254091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 16:18:35 GMT

GET
H2 200 AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v15/ Frame 4EE1 18 KB
18 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rozhaone/v15/AlZy_zVFtYP12Zncg2kRcn35.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ticketurf.carrd.co
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 18:03:21 GMT
x-content-type-options: nosniff
age: 334205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18176
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 18:03:21 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/9e328581/ Frame 25D3 377 KB
48 KB 107ms
89ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48749
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 14:26:46 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25D3 15 KB
15 KB 92ms
88ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 03:12:15 GMT
x-content-type-options: nosniff
age: 387671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 03:12:15 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 25D3 15 KB
15 KB 94ms
85ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 408411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 21:26:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/9e328581/www-embed-player.vflset/ Frame 25D3 318 KB
95 KB 163ms
154ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97578
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 14:44:44 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame 25D3 2 MB
756 KB 191ms
182ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 21:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 773515
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 21:06:11 GMT

GET
H2 204 display.php Show response
www.tradeadexchange.com/a/ 0
500 B 216ms
138ms Script
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=ba935990d51070c1473f34dccb0914e4&sub2=0
Requested by: Host: cdn.shorte.st
URL: https://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ticketurf.onlc.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:26 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCSh3wfr0KbwynAFivJ2brBWVnQjrsjIU4YpW5%2BggAAhuwV%2BA363DA%2F1aZ91KJWDco4o3tpmfiuclCCdF%2FaBPj9ax8dLfSl%2FRpa%2BKWsZ66IqWDOyxUXzZC5MDUzTz5gA%2FrDtIFvZuXdJB5J%2Bhgkrg33VUfUe6w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 81ecba42defa03f9-CDG
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 25D3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

46ms
38ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

441ff9df386dd1c23ebc9aacf58ce7f2b342d65acea8c4e1ab81620e1cba7571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Oct 2023 14:53:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 25D3 29 B
495 B 91ms
25ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:43:23 GMT
x-content-type-options: nosniff
age: 604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Oct 2023 14:58:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 110ms
42ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Oct 2023 14:53:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 25D3 68 KB
31 KB 42ms
40ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e115d3388a4d51bc47cc176166d5e8b2af900b9337baca80bb0974d16e54247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31944
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 25D3 69 KB
30 KB 117ms
116ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b4af2bf83d68b72ea013c93bd37c622a786f8d5725ee4036c5ec448ebfe7ded0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231024.01.02
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30502
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:53:27 GMT

GET
H2 200 87YGUa-CtHzGh2dX4WqK9TGwOTgC4_iw-Ct0WwzLfDU.js Show response
www.google.com/js/th/ Frame 25D3 37 KB
15 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/87YGUa-CtHzGh2dX4WqK9TGwOTgC4_iw-Ct0WwzLfDU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b60651af82b47cc6876757e16a8af531b0393802e3f8b0f82b745b0ccb7c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 11:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 184006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14760
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 28 Oct 2024 11:46:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame 25D3 54 KB
17 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17018
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:29:24 GMT

GET
DATA 200
OK truncated
/ Frame 25D3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 25D3 4 KB
4 KB 97ms
25ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/0KKpZc2AwAF9CYENxJWas_PEG_guprrRGy4V1fWljQWjtP1wS9qQ4kArD9K22JudFEO9pM2bUA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e2769814731a347b4da1baebf585d87a3ac7405f5637eb37f6d4afc42db142c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:51:54 GMT
x-content-type-options: nosniff
age: 93
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3895
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Nov 2023 14:51:54 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 25D3 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?yK8mlA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 25D3 90 B
134 B 53ms
53ms XHR
application/json+protobuf 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d3d6a25ff171eace57fbeedced1361e0b5e5550f188dd11cd8ba9f9739af6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 33ms
33ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Oct 2023 14:53:27 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 25D3 0
19 B 65ms
65ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&cpn=yKEVNZAm8rb_PZIF&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153865%2C76731%2C84737%2C17227%2C8461%2C9542%2C1088%2C5877%2C394%2C3200%2C18465%2C6%2C26417823%2C4054%2C1253%2C677%2C5181%2C1522%2C4448%2C4219%2C471%2C265%2C2040%2C7229%2C859%2C3410%2C5837&cl=576683619&seq=1&docid=XSho6acgbtE&ei=5xRBZdCNB4qs6dsPitauoA4&event=streamingstats&plid=AAYJBFE0G1RNXTWU&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FXSho6acgbtE%3Fautoplay%3D1%26mute%3D1%26rel%3D0%26loop%3D1%26controls%3D0%26cc_load_policy%3D0%26playlist%3DXSho6acgbtE&qclc=ChB5S0VWTlpBbThyYl9QWklGEAE&embargoed=0&cbr=Chrome&cbrver=118.0.5993.117&c=WEB_EMBEDDED_PLAYER&cver=1.20231024.01.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.023:B,0.306:B,0.306:B&cat=streaming&cmt=0.023:0.000,0.306:0.000&vfs=0.306:243:243::r&view=0.306:260:146&bwe=0.306:130000&bat=0.306:1:1&vis=0.306:0&bh=0.306:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698764006943&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:53:27 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame 25D3 64 KB
65 KB 100ms
36ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1698785607&ei=5xRBZdCNB4qs6dsPitauoA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-AMfTz1-P7G4vhZxsJPGCFzwB-vfFyJBERjUr2alRPGlD&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Zj&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5edn6y&ms=au%2Crdu&mv=m&mvi=1&pl=45&initcwndbps=237500&spc=UWF9f7k6Hdy1ZG3AS6-EOMvG7XqwlXi4DuarPxXVaw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=TG9s4521T47sEe-XHP0XiYwP&gir=yes&clen=636441&dur=39.999&lmt=1676808640318824&mt=1698763755&fvip=2&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=DHzaZXN_w1UCIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAKzlV5AEyDZKW4zph_u0dUN5H6CAAOk0_tTklsRG8S_hAiBm_uHUQkyZ0na5PmpJkBP9qNOPAE4pdsq9Uzuv31WAag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIhAPM47YrE8U_TbHN4Q6JKRWOLLHf71d7-85QHd0_5ZsW-AiB5vj4a6pUSsdR9pO_5uE5TcKamH3YuMYQ9erccxRqYNg%3D%3D&alr=yes&cpn=yKEVNZAm8rb_PZIF&cver=1.20231024.01.02&range=0-65884&rn=1&rbuf=0&pot=IjJsr2ypCe54SC_IGP4OwRzXOJ1V3jXBBOkh7AbCHfY_3i7FJeYvyCboOccl7CnILYpf6w==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

96a7aa2e94a4b25abaa8376bac84bc50a03a7bbacb06ce2c57964d08c0383166

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 14:53:27 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 19 Feb 2023 12:10:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 31 Oct 2023 14:53:27 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame 25D3 18 KB
19 KB 96ms
33ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1698785607&ei=5xRBZdCNB4qs6dsPitauoA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-AMfTz1-P7G4vhZxsJPGCFzwB-vfFyJBERjUr2alRPGlD&itag=250&source=youtube&requiressl=yes&mh=Zj&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5edn6y&ms=au%2Crdu&mv=m&mvi=1&pl=45&initcwndbps=237500&spc=UWF9f7k6Hdy1ZG3AS6-EOMvG7XqwlXi4DuarPxXVaw&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=TG9s4521T47sEe-XHP0XiYwP&gir=yes&clen=18403&dur=40.021&lmt=1676808632319953&mt=1698763755&fvip=2&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=DHzaZXN_w1UCIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRAIgGVeqzFfJKFq89WQ1yDaJfFkcYxZV89E08qE1FcrxuvUCIFhah-HU0rCraKs5SuZbpp5W6g6-ReDfr8kFCbGne21k&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIhAPM47YrE8U_TbHN4Q6JKRWOLLHf71d7-85QHd0_5ZsW-AiB5vj4a6pUSsdR9pO_5uE5TcKamH3YuMYQ9erccxRqYNg%3D%3D&alr=yes&cpn=yKEVNZAm8rb_PZIF&cver=1.20231024.01.02&range=0-18402&rn=2&rbuf=0&pot=IjIy4zLlV6ImBHGERrJQjUKbZtELkmuNWqV_oFiOQ7phknCJe6pxhHikZ4t7oHeEc8YBpw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0adced9f977b72f3e34e77eb2967077b696db4e44616de31885cc8aaa0ace625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Tue, 31 Oct 2023 14:53:27 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 19 Feb 2023 12:10:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Tue, 31 Oct 2023 14:53:27 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame 25D3 33 KB
8 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6b1baea291fdd592e3277eb5345c0b9d0707eed3370e6029e9796aa7e0b5eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 20:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 324106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8353
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 26 Oct 2024 20:51:41 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/ Frame 25D3 68 KB
18 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

202c54801c24c0dcd0a06cf21417fe62332416eb44aaef98dd8d0438f7db04a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18890
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:11:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 25 Oct 2024 01:35:38 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 25D3 8 KB
3 KB 522ms
521ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

8c9481966c4514edf9056520725ccb1cfe4e106267a345858644fe52284c9548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231024.01.02
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2652
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:53:27 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 25D3 28 B
54 B 41ms
38ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698764007502
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698764006759&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 31 Oct 2023 14:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:53:27 GMT

POST
H3 200 videoplayback Show response
rr1---sn-apaapm4g-apae.googlevideo.com/ Frame 25D3 221 KB
221 KB 39ms
19ms Fetch
application/vnd.yt-ump 2a00:ba61:0:126::c
EURAFIBRE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-apaapm4g-apae.googlevideo.com/videoplayback?expire=1698785607&ei=5xRBZdCNB4qs6dsPitauoA4&ip=2001%3A41d0%3A8%3Ad154%3A%3A14&id=o-AMfTz1-P7G4vhZxsJPGCFzwB-vfFyJBERjUr2alRPGlD&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Zj&mm=31%2C29&mn=sn-apaapm4g-apae%2Csn-4g5edn6y&ms=au%2Crdu&mv=m&mvi=1&pl=45&initcwndbps=237500&spc=UWF9f7k6Hdy1ZG3AS6-EOMvG7XqwlXi4DuarPxXVaw&vprv=1&svpuc=1&mime=video%2Fwebm&ns=TG9s4521T47sEe-XHP0XiYwP&gir=yes&clen=636441&dur=39.999&lmt=1676808640318824&mt=1698763755&fvip=2&keepalive=yes&fexp=24007246&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=DHzaZXN_w1UCIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AGM4YrMwRQIhAKzlV5AEyDZKW4zph_u0dUN5H6CAAOk0_tTklsRG8S_hAiBm_uHUQkyZ0na5PmpJkBP9qNOPAE4pdsq9Uzuv31WAag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AK1ks_kwRQIhAPM47YrE8U_TbHN4Q6JKRWOLLHf71d7-85QHd0_5ZsW-AiB5vj4a6pUSsdR9pO_5uE5TcKamH3YuMYQ9erccxRqYNg%3D%3D&alr=yes&cpn=yKEVNZAm8rb_PZIF&cver=1.20231024.01.02&range=65885-291869&rn=3&rbuf=8302&pot=Mm5YpuRwzLcm81ieUEhAlIeKnAd1WzYOQ_wM88K_2h3PlXesqXpxeFFLkXwGurx8DRBlrltoEyfntN36YnBPEaaT0xUH6x5X4eS8F4MRcxmqkCCMiOYKv3ErHcc31anh3Tgpx1gpb9gM4L2ntzrpdw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:ba61:0:126::c , France, ASN35625 (EURAFIBRE-AS, FR),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fb1066a8e7ccabbaf0b307cff3a48820ca84a2a3460d756e0386e320997ae73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

expires: Tue, 31 Oct 2023 14:53:27 GMT
date: Tue, 31 Oct 2023 14:53:27 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 19 Feb 2023 12:10:40 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 25D3 0
17 B 35ms
34ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=yKEVNZAm8rb_PZIF&ver=2&cmt=0.051&fmt=243&fs=0&rt=0.547&euri=https%3A%2F%2Fticketurf.carrd.co%2F&lact=595&cl=576683619&mos=1&volume=100&cbr=Chrome&cbrver=118.0.5993.117&c=WEB_EMBEDDED_PLAYER&cver=1.20231024.01.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=fr_FR&cr=FR&len=40.021&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C153865%2C76731%2C84737%2C17227%2C8461%2C9542%2C1088%2C5877%2C394%2C3200%2C18465%2C6%2C26417823%2C4054%2C1253%2C677%2C5181%2C1522%2C4448%2C4219%2C471%2C265%2C2040%2C7229%2C859%2C3410%2C5837&rtn=5&afmt=250&size=260%3A146&inview=0&muted=1&docid=XSho6acgbtE&ei=5xRBZdCNB4qs6dsPitauoA4&plid=AAYJBFE0G1RNXTWU&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FXSho6acgbtE%3Fautoplay%3D1%26mute%3D1%26rel%3D0%26loop%3D1%26controls%3D0%26cc_load_policy%3D0%26playlist%3DXSho6acgbtE&list=TLGGkoMxQwxL0vczMTEwMjAyMw&of=yX5RpBYBJLP7Tad9VVBxKA&vm=CAEQABgEOjJBRzZGdTI0WkNrRlBIR3QwMXBRak4tZldfS0sxYVZCXy1PdThMZWZqeXFPWjlJSE4yUWJ2QVBta0tESmt3aVQtbzItQ2pLT3hhdGtFM2xUaV9tckZiX29MVVBNa2RsOWFsaTMwTmE0Vm94QmFYQW1QaTVZN1R1ck8ycU1waEtVSTk5SDFmYTc3WllzaklMaXJDMHJZM1JsbjU3eUtDaHM2ZzNSRGpleUdLQWgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698764006943&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:53:27 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 25D3 0
19 B 34ms
33ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=XSho6acgbtE&cpn=yKEVNZAm8rb_PZIF&ei=5xRBZdCNB4qs6dsPitauoA4&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698764006943&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Tue, 31 Oct 2023 14:53:27 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 25D3 28 B
54 B 39ms
38ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e328581/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698764008987
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XSho6acgbtE?autoplay=1&mute=1&rel=0&loop=1&controls=0&cc_load_policy=0&playlist=XSho6acgbtE
X-YouTube-Client-Version: 1.20231024.01.02
X-YouTube-Time-Zone: Europe/Paris
X-Goog-Visitor-Id: CgtQbnpxT29qYnhFMCjmqYSqBjIICgJGUhICEgA%3D
X-YouTube-Ad-Signals: dt=1698764006759&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C146&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 31 Oct 2023 14:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 31 Oct 2023 14:53:29 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ticketurf.onlc.fr/	1970-01-20 15:53:20	Name: PHPSESSID Value: le0ound10so1ifb5mtsbgpgcc0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lzJPrmswLmU
.youtube.com/	1970-01-20 20:11:56	Name: VISITOR_INFO1_LIVE Value: PnzqOojbxE0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=ba935990d51070c1473f34dccb0914e4&url=https%3A%2F%2Fticketurf.onlc.fr%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1698764006061 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.shorte.st
cdnjs.cloudflare.com
f.eu1.jwwb.nl
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
primary.jwwb.nl
rr1---sn-apaapm4g-apae.googlevideo.com
ssp.zryydi.com
static.doubleclick.net
static.onlc.eu
ticketurf.carrd.co
ticketurf.onlc.fr
www.google.com
www.tradeadexchange.com
www.youtube.com
yt3.ggpht.com
104.18.40.34
151.101.1.91
151.101.129.91
172.67.191.226
2606:4700:20::681a:1f9
2606:4700:20::681a:7a2
2606:4700:20::ac43:4a21
2606:4700::6811:180e
2a00:1450:4001:800::2004
2a00:1450:4001:800::200e
2a00:1450:4001:802::200a
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:830::2006
2a00:ba61:0:126::c
2a06:98c1:3121::3
0adced9f977b72f3e34e77eb2967077b696db4e44616de31885cc8aaa0ace625
0e115d3388a4d51bc47cc176166d5e8b2af900b9337baca80bb0974d16e54247
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
19bd5a56f4259144bffb64cb8d11218e8710fceedd00f35dc7aa750c19ef4305
202c54801c24c0dcd0a06cf21417fe62332416eb44aaef98dd8d0438f7db04a6
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
22da8d88b991a65fbe510fd298a0bbf96e561f2e0bd286aa0af381b5bd8b72ab
2b2f5ac43898b79c2fddba6968f281fe471838e5a3573bcf3ea25ea7f9d3c708
2d81372d24594f6fc20de51c71f80266e35bf19666316ab3de588145fe7bd39c
2e2769814731a347b4da1baebf585d87a3ac7405f5637eb37f6d4afc42db142c
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
3a93cbab2025cad0e835b226fc0b3978a2bcec8856d56c9cbf38dbfdc2913af1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
441ff9df386dd1c23ebc9aacf58ce7f2b342d65acea8c4e1ab81620e1cba7571
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b2b09c529194a3cba6460ceef689e4bc2b34ed5a8be77e9557b130c7d976c74
4ff728822fc51255ff253b4b8555782eaf2e35d9fa2ef9b905ce3f570197f621
55d3d6a25ff171eace57fbeedced1361e0b5e5550f188dd11cd8ba9f9739af6f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e145fd39385252b9692e8a022fd599d62542a548ace6423dd9bc9abb07e1dca
63f281b5cd43af5b46678768a3d7d7105e546c3afbdff2a0ec5f09dc9d5b0b8c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cbea78d5474714bd51b0195ee65be709e8cdfad9bd9b4c02f82d065b7eaa9bd
75d34fa358258bf31fc8c74a79dbcfa3bd717d25d12a40d54b2d9ee69cd4d341
76239ac4f24cf0979baa27e7a5a25c712ebc3c7c5934754c19358c2e96afc5c5
837ff4d2018dbb14f63f899c3479035f7a986d5f36b9a5603c872b624afbbf19
863f9756bfa22af1dfb2edf9112a893b6f0bbd158d32335eea4d8a9beae440a4
8c9481966c4514edf9056520725ccb1cfe4e106267a345858644fe52284c9548
9041530bf582d9ce662f425bdf07bad4dfdaadb41830f4ef8e1b46a3b216d69d
960ffb23b887779d6f02c9fd745a8b2cd1ba8bdc15415a55e35d6daca4ada8c3
96a7aa2e94a4b25abaa8376bac84bc50a03a7bbacb06ce2c57964d08c0383166
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a3ecfe4da73d3f04f54aca493982a068a9e328942a64100bfc976cbae9cafb10
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
aaef72238a71c5bfebcad0d1d17e648eb40b45951ed771c55148770e2f4d88dd
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b242e6c66ae210740511e7719910bff0122d861698221c8a34262ee25ce5b17d
b4af2bf83d68b72ea013c93bd37c622a786f8d5725ee4036c5ec448ebfe7ded0
c190fd4534143b46005a1fb176e61c80c6dc36b7893ba45f2d5480217dfcb8c3
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c647eebd5f54c0b6123aae7f93307f3b8d61efe9da88e462627643dce35a87c7
c6b1baea291fdd592e3277eb5345c0b9d0707eed3370e6029e9796aa7e0b5eca
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59d1a8b0ad29ff122aec2f40f5d87cbde1f5817d205d97b8dccf87f50b13e49
ec8e6c921954a15b064e7aa23783df4ffb7ea8fe3a1e1e6e5d2e8be0bbe27ee3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f3b60651af82b47cc6876757e16a8af531b0393802e3f8b0f82b745b0ccb7c35
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f83d8cd0c14bccf28c8c3f780b50e3879952e7e9eea8af16cbdec8635d82de08
fb1066a8e7ccabbaf0b307cff3a48820ca84a2a3460d756e0386e320997ae73f
fe6974ed14495d20d98e0f424bedb7adc0fabd87f808052aed4c750f2f51b269

ticketurf.onlc.fr Open in urlscan Pro 2606:4700:20::681a:1f9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

78 %IPv6

15 Domains

18 Subdomains

18 IPs

4 Countries

2100 kBTransfer

5115 kBSize

3 Cookies

5 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ticketurf.onlc.fr Open in urlscan Pro
2606:4700:20::681a:1f9 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

4
Countries

2100 kB
Transfer

5115 kB
Size

3
Cookies

64 HTTP transactions
1 data transactions