urlscan.io logo urlscan.io
SecurityTrails logo

exes.doka.mefound.com Open in urlscan Pro
185.38.185.225  Public Scan

Go To Rescan Add Verdict Report
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Submission: On October 11 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 10 HTTP transactions. The main IP is 185.38.185.225, located in Budva, Montenegro and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is exes.doka.mefound.com.
This is the only time exes.doka.mefound.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

0q3OhsU31wc.swf 89 KB application/x-shockwave-flash
MIME: Macromedia Flash data, version 9
1y6smkh6c-0.swf 104 KB application/x-shockwave-flash
MIME: Macromedia Flash data, version 9
8z-U2pmJi4s.swf 217 KB application/x-shockwave-flash
MIME: Macromedia Flash data, version 9
tL-aHf3nztc.swf 70 KB application/x-shockwave-flash
MIME: Macromedia Flash data, version 9

Domain & IP information

IP Address AS Autonomous System
1 185.38.185.225 60781 (LEASEWEB-...)
1 2a02:26f0:10:... 20940 (AKAMAI-ASN1)
1 1 66.6.33.149 26101 (YAHOO-3)
1 2a00:1288:7c:... 43428 (YAHOO-ULS)
1 151.101.122.2 54113 (FASTLY)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
10 7
1    185.38.185.225 (Budva, Montenegro)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
exes.doka.mefound.com
1    2a02:26f0:10::214:8f1f (European Union)

ASN20940 (AKAMAI-ASN1, US)
cdn.faxonautoliterature.com
1    66.6.33.149 (New York, United States)

ASN26101 (YAHOO-3 - Yahoo!, US)
31.media.tumblr.com
1    2a00:1288:7c:800::5001 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)
78.media.tumblr.com
1    151.101.122.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
i157.photobucket.com
1    2a02:26f0:6c00:18f::39ca (European Union)

ASN20940 (AKAMAI-ASN1, US)
www.theage.com.au
1    2a02:26f0:6c00:18b::39ca (European Union)

ASN20940 (AKAMAI-ASN1, US)
www.theage.com.au
4    2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
Domain Requested by
4 www.youtube.com exes.doka.mefound.com
2 www.theage.com.au 1 redirects exes.doka.mefound.com
1 i157.photobucket.com exes.doka.mefound.com
1 78.media.tumblr.com exes.doka.mefound.com
1 31.media.tumblr.com 1 redirects
1 cdn.faxonautoliterature.com exes.doka.mefound.com
1 exes.doka.mefound.com
0 https Failed exes.doka.mefound.com
10 8

This site contains links to these domains. Also see Links.

Domain
abim.otme.ddns.info
xiou.wrsg.mynumber.org
Subject Issuer Validity Valid
fairfaxmedia.com.au
COMODO RSA Organization Validation Secure Server CA		 2018-04-19 -
2019-04-19		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-09-25 -
2018-12-18		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://exes.doka.mefound.com/6zY4nE8yK.html
Frame ID: 077EBE0E5C50E26277733BEE9EC46258
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
Frame ID: 58E2EAC1831E587D16249B1EE2EC40B1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
Frame ID: 31E19BA7A1F3FF114BBA2B3096B6D1D1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
Frame ID: F4C27F75F1D3170296103B36EBAA991C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU
Frame ID: 9F85F4DF89FF69BD9498316AACD846E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Page Statistics

10
Requests

50 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

7
IPs

5
Countries

333 kB
Transfer

318 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://31.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg HTTP 301
  • http://78.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg
Request Chain 4
  • http://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg HTTP 301
  • https://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg
Request Chain 5
  • http://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU HTTP 307
  • https://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
Request Chain 6
  • http://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU HTTP 307
  • https://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
Request Chain 7
  • http://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU HTTP 307
  • https://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
Request Chain 8
  • http://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU HTTP 307
  • https://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 6zY4nE8yK.html
exes.doka.mefound.com/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
HTTP/1.1
Server
185.38.185.225 Budva, Montenegro, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
52a4c3f94ed313674004d1f67f4b5b54b156cdb30cde891449bfd880bd6a7a5f

Request headers

Host
exes.doka.mefound.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.6.2
Date
Thu, 11 Oct 2018 20:22:25 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
track=1539289345.24;Version=1
Last-Modified
Tue, 28 Mar 2017 01:34:03 GMT
Content-Encoding
gzip
1966CorvairROM.jpg
cdn.faxonautoliterature.com/Assets/ProductImages/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.faxonautoliterature.com/Assets/ProductImages/1966CorvairROM.jpg
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
HTTP/1.1
Server
2a02:26f0:10::214:8f1f , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1631a648bf9a22072be65f8990741cc5fec0a684253b1198b5fceafd40506dc7

Request headers

Referer
http://exes.doka.mefound.com/6zY4nE8yK.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 11 Oct 2018 20:22:25 GMT
Last-Modified
Sun, 20 Jan 2013 06:30:33 GMT
X-Trans-Id
txb1e9775497354ab0a4743-005bbfb101dfw1
ETag
9cdc962e9d93f142ac0dff7000b0508a
Content-Type
image/jpeg
X-Timestamp
1358663432.70885
Cache-Control
public, max-age=259151
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197836
Expires
Sun, 14 Oct 2018 20:21:36 GMT
buntarka-stick-it-2006-dvdrip-tpekep-3.png
https//fullsite.org/uploads/posts/12-2008/07XOpYqmcLfgxprQ5qpluTlt6PweOC3tLRepiriKZ5hqWUp93Uqp2Y5cO13sjnxta63KOJnnWFrJxj2tl8YKfbj7zeug/ 		0
0
tumblr_m361w2Ulq91qhnkvco1_500.jpg
78.media.tumblr.com/
Redirect Chain
  • http://31.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg
  • http://78.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg
47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://78.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
HTTP/1.1
Server
2a00:1288:7c:800::5001 , United Kingdom, ASN43428 (YAHOO-ULS, GB),
Reverse DNS
Software
ATS /
Resource Hash
e8b51d2196f687a1e2241be6e0bab31fefe8c00afb9a712d13c1d95449e4e6fd

Request headers

Referer
http://exes.doka.mefound.com/6zY4nE8yK.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 11 Oct 2018 20:22:25 GMT
Via
http/1.1 sc10.ycpi.bf1.yahoo.com (ApacheTrafficServer [cSsNfU]), http/1.1 sc3.ycpi.bf1.yahoo.com (ApacheTrafficServer [cMsSf ]), https/1.1 e4.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSfW]), http/1.1 e8.ycpi.lob.yahoo.com (ApacheTrafficServer [cMsSf ])
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 22 Jun 2017 00:00:00 GMT
Server
ATS
Age
0
Etag
"828d17027eb9c6461fe5ef7bfc74c8ce-1498089600-62a0294"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
48414

Redirect headers

Location
http://78.media.tumblr.com/tumblr_m361w2Ulq91qhnkvco1_500.jpg
Date
Thu, 11 Oct 2018 20:22:25 GMT
Server
openresty
Connection
keep-alive
Content-Length
182
Content-Type
text/html
rooftent.jpg
i157.photobucket.com/albums/t53/ProjectPatt587/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i157.photobucket.com/albums/t53/ProjectPatt587/rooftent.jpg
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
HTTP/1.1
Server
151.101.122.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
e17e872a7c65d03fefbde318b230d1b10d104bb2a5d2b0e5e91b1b6eb2eb9f6c

Request headers

Referer
http://exes.doka.mefound.com/6zY4nE8yK.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 11 Oct 2018 20:22:25 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
X-Cache
MISS, MISS
Fastly-Io-Info
ifsz=150641 idim=800x634 ifmt=jpeg ofsz=70852 odim=800x634 ofmt=webp
Connection
keep-alive
Content-Length
70852
X-Served-By
cache-den19620-DEN, cache-cdg20725-CDG
Server
Apache
X-Timer
S1539289345.461329,VS0,VE375
Etag
"L28orXO0uaQfDv/2dqLdPY8YUM5gbtzaXf2G0qCHLD0"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Expires
Fri, 12 Oct 2018 02:22:25 GMT
Cache-Control
max-age=21600
Accept-Ranges
bytes
X-Cache-Hits
0, 0
1297938373413.jpg
www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/
Redirect Chain
  • http://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg
  • https://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg
0
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:18b::39ca , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://exes.doka.mefound.com/6zY4nE8yK.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html;charset=utf-8
cache-control
public, max-age=604800
expires
Thu, 18 Oct 2018 20:22:25 GMT

Redirect headers

Date
Thu, 11 Oct 2018 20:22:25 GMT
Server
AkamaiGHost
Content-Security-Policy-Report-Only
default-src https: data: blob: 'unsafe-inline' 'unsafe-eval' 'report-sample'; img-src http: https: data: blob:; media-src http: https: data: blob:; report-uri https://csp.ffx.io/
Location
https://www.theage.com.au/content/dam/images/1/a/x/u/5/image.related.articleLeadwide.620x349.1axt9.png/1297938373413.jpg
Cache-Control
max-age=0
Content-Security-Policy
upgrade-insecure-requests;
Connection
keep-alive
Content-Length
0
Expires
Thu, 11 Oct 2018 20:22:25 GMT
8z-U2pmJi4s
www.youtube.com/v/ Frame 58E2
Redirect Chain
  • http://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
  • https://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/8z-U2pmJi4s?fs=1&hl=ru_RU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://exes.doka.mefound.com/6zY4nE8yK.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://exes.doka.mefound.com/6zY4nE8yK.html

Response headers

status
200
strict-transport-security
max-age=31536000
content-length
221289
content-encoding
gzip
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ru for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
content-security-policy-report-only
connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri https://www.youtube.com/csp_204?t=https&pcl=216543162&plabel=youtube.ytfe.desktop_20181009_4_RC1&vcs=cb1b6981464c8ab8298a03d5b5121afc
cache-control
no-store
content-type
application/x-shockwave-flash
date
Thu, 11 Oct 2018 20:22:25 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=3w62OHvcn98; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Oct-2018 20:52:25 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 08:15:25 GMT VISITOR_INFO1_LIVE=3w62OHvcn98; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly YSC=qI3GLx1WdcU; path=/; domain=.youtube.com; httponly
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/v/8z-U2pmJi4s?fs=1&hl=ru_RU
Non-Authoritative-Reason
HSTS
tL-aHf3nztc
www.youtube.com/v/ Frame 31E1
Redirect Chain
  • http://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
  • https://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/tL-aHf3nztc?fs=1&hl=ru_RU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://exes.doka.mefound.com/6zY4nE8yK.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://exes.doka.mefound.com/6zY4nE8yK.html

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-store
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
x-content-type-options
nosniff
content-length
68135
expires
Tue, 27 Apr 1971 19:44:06 EST
content-type
application/x-shockwave-flash
content-encoding
gzip
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ru for more info."
date
Thu, 11 Oct 2018 20:22:25 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=j4qSd1U4NNU; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly VISITOR_INFO1_LIVE=j4qSd1U4NNU; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 08:15:25 GMT YSC=lvZt_48MbJg; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Oct-2018 20:52:25 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/v/tL-aHf3nztc?fs=1&hl=ru_RU
Non-Authoritative-Reason
HSTS
1y6smkh6c-0
www.youtube.com/v/ Frame F4C2
Redirect Chain
  • http://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
  • https://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/1y6smkh6c-0?fs=1&hl=ru_RU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://exes.doka.mefound.com/6zY4nE8yK.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://exes.doka.mefound.com/6zY4nE8yK.html

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ru for more info."
content-encoding
gzip
content-type
application/x-shockwave-flash
cache-control
no-store
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options
nosniff
content-length
103883
strict-transport-security
max-age=31536000
date
Thu, 11 Oct 2018 20:22:25 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=w8DG1ugs62g; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly YSC=RlEkbIDqMmk; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 08:15:25 GMT VISITOR_INFO1_LIVE=w8DG1ugs62g; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Oct-2018 20:52:25 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/v/1y6smkh6c-0?fs=1&hl=ru_RU
Non-Authoritative-Reason
HSTS
0q3OhsU31wc
www.youtube.com/v/ Frame 9F85
Redirect Chain
  • http://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU
  • https://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU
Requested by
Host: exes.doka.mefound.com
URL: http://exes.doka.mefound.com/6zY4nE8yK.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/0q3OhsU31wc?fs=1&hl=ru_RU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://exes.doka.mefound.com/6zY4nE8yK.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://exes.doka.mefound.com/6zY4nE8yK.html

Response headers

status
200
content-type
application/x-shockwave-flash
x-content-type-options
nosniff
content-length
89309
cache-control
no-store
expires
Tue, 27 Apr 1971 19:44:06 EST
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ru for more info."
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 11 Oct 2018 20:22:25 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=hzx5d7MLkkk; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly YSC=v_dF-mreMRA; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Thu, 11-Oct-2018 20:52:25 GMT VISITOR_INFO1_LIVE=hzx5d7MLkkk; path=/; domain=.youtube.com; expires=Tue, 09-Apr-2019 20:22:25 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 12-Jun-2019 08:15:25 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/v/0q3OhsU31wc?fs=1&hl=ru_RU
Non-Authoritative-Reason
HSTS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
https
URL
http://https//fullsite.org/uploads/posts/12-2008/07XOpYqmcLfgxprQ5qpluTlt6PweOC3tLRepiriKZ5hqWUp93Uqp2Y5cO13sjnxta63KOJnnWFrJxj2tl8YKfbj7zeug/buntarka-stick-it-2006-dvdrip-tpekep-3.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
exes.doka.mefound.com/ Name: track
Value: 1539289345.24