urlscan.io logo urlscan.io
SecurityTrails logo

blogfreely.net Open in urlscan Pro
2606:4700:3034::6815:3253  Public Scan

Go To Rescan Add Verdict Report
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Submission: On January 12 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::6815:3253, located in United States and belongs to CLOUDFLARENET, US. The main domain is blogfreely.net. The Cisco Umbrella rank of the primary domain is 516795.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 29th 2021. Valid for: a year.
This is the only time blogfreely.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3034::6815:3253 (United States)

ASN13335 (CLOUDFLARENET, US)
blogfreely.net
1    209.182.193.32 (United States)

ASN22611 (INMOTION, US)
PTR: server.napervillewebsites.com
www.roofingbyhernandez.com
1    34.197.240.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: cp.providersite.net
www.chicagoroofingsolution.com
1    2606:4700:3034::6815:3058 (United States)

ASN13335 (CLOUDFLARENET, US)
acaroofing.com
1    2606:4700:3037::ac43:83f4 (United States)

ASN13335 (CLOUDFLARENET, US)
peterroofrepairnj.com
9    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4019:802::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
722 KB
6 blogfreely.net
blogfreely.net — Cisco Umbrella Rank: 516795
151 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
static.doubleclick.net — Cisco Umbrella Rank: 341
1 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
32 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 112
35 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 224
5 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 8
14 KB
1 peterroofrepairnj.com
peterroofrepairnj.com
115 KB
1 acaroofing.com
acaroofing.com
1 chicagoroofingsolution.com
www.chicagoroofingsolution.com
25 KB
1 roofingbyhernandez.com
www.roofingbyhernandez.com
172 KB
27 11
Domain Requested by
9 www.youtube.com blogfreely.net
www.youtube.com
6 blogfreely.net blogfreely.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects blogfreely.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 peterroofrepairnj.com blogfreely.net
1 acaroofing.com blogfreely.net
1 www.chicagoroofingsolution.com blogfreely.net
1 www.roofingbyhernandez.com blogfreely.net
27 13

This site contains links to these domains. Also see Links.

Domain
drinkmath18.werite.net
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-29 -
2022-08-28		 a year crt.sh
roofingbyhernandez.com
cPanel, Inc. Certification Authority		 2022-01-05 -
2022-04-05		 3 months crt.sh
www.chicagoroofingsolution.com
R3		 2021-11-05 -
2022-02-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Frame ID: 6D819650B25AAE51B7046EE27B873BDB
Requests: 10 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5muLY6gy9BY
Frame ID: 28AACA4279457C27F4634F188D16152E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Indicators on NIR Roof Care, Inc- Chicago & Chicagoland Commercial You Should Know — orchidthrill23

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

27
Requests

96 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

14
IPs

3
Countries

1272 kB
Transfer

3295 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
blogfreely.net/orchidthrill23/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6666b3ce8e9e98676758bb23e45b912217ec4a7e2489ce1b2b2922136aa5a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
content-type
text/html; charset=utf-8
x-served-by
blogfreely.net
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CrfiBuJZhgozflI%2FXeOiqiKdejPzzaJaPEs%2Fv6sCu6NV5p%2BZfXi847WmdO7XrZPCqXLTcMGVAGTydbN4RIBUx9VselL6aH9%2F9FiOyzVixIcdr%2FxfcP2cetXtfbTLFtEU%2B4UxBMW1xJsKfGx2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cc487459c2f0e06-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
write.css
blogfreely.net/css/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/css/write.css
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19194360f69da1a7c5fe2e5e79f5452b3b8cbff371e3a08e95344b3c6aee258a

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Jan 2019 11:31:45 GMT
server
cloudflare
age
731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFN1QBTQ%2F1%2FUfWro0JkdW0bPjytzwBg3TJMcT8vslsmlcKNB%2B3H4HRPClD0BC5AqDijcCD0KRZSlfPKaHAVoPPEbHbl7utrOs3qdyuDBxU44TAod6u%2FUZBiV07bOVZF3icaR5Ih9Ygm%2FZ0fZ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cc487467d1c0e06-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
blogfreely.net
Photo-Jul-14-2-02-11-PM-1.png
www.roofingbyhernandez.com/wp-content/uploads/2016/11/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.roofingbyhernandez.com/wp-content/uploads/2016/11/Photo-Jul-14-2-02-11-PM-1.png
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.193.32 , United States, ASN22611 (INMOTION, US),
Reverse DNS
server.napervillewebsites.com
Software
Apache /
Resource Hash
311efefd7e0f9a5c534ca78808ba891c66f26f32479c74385c54a213e2ee72c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 12 Jan 2022 07:04:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Oct 2019 01:49:46 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=10368000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
175648
X-XSS-Protection
1; mode=block
Expires
Thu, 12 May 2022 07:04:03 GMT
8.jpg
www.chicagoroofingsolution.com/wp-content/uploads/2016/04/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chicagoroofingsolution.com/wp-content/uploads/2016/04/8.jpg
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.197.240.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
cp.providersite.net
Software
Apache /
Resource Hash
f9be4caaa51bf461c650f6cdc20d77bef98ec5c1a8f1eddfe7a842afdfe52369

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
last-modified
Sun, 12 Mar 2017 07:00:00 GMT
server
Apache
accept-ranges
bytes
content-length
25520
content-type
image/jpeg
roofing-2.jpg
acaroofing.com/wp-content/uploads/2018/02/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acaroofing.com/wp-content/uploads/2018/02/roofing-2.jpg
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
14991166_791095304363481_5471288892509217390_o-1024x610.jpg
peterroofrepairnj.com/wp-content/uploads/2018/03/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://peterroofrepairnj.com/wp-content/uploads/2018/03/14991166_791095304363481_5471288892509217390_o-1024x610.jpg
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:83f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d394dba0e2ac7fd63e1ed889ea165ccd5d40d55bfdf7b9aa530d893c7a3f9847

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info
DT:1
host-header
8441280b0c35cbc1147f8ba998a563a7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
117330
last-modified
Tue, 26 Oct 2021 18:56:27 GMT
server
cloudflare
etag
"61784f5b-1ca52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BDwNJ6ofOuK0636dkfBZIM3EA8eE908R4WNMR71ZLtcZ00asVUIWWS0RglClqSfRZA%2FH%2BBUhl9Mfq49cnDr3viGBv%2FpIbkhe7j6Jde0DB1vahGqA3e%2FCoJX9TbTQuPjci1tOF%2BkPvcjDoYnDHUePlLqfyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6cc48746fa6459fb-MXP
expires
Thu, 12 Jan 2023 07:04:02 GMT
5muLY6gy9BY
www.youtube.com/embed/ Frame 28AA 		59 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/5muLY6gy9BY
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e61f0fcd1ca6fb684fea4433e708912c64205957d7bc1755acb668eea7c34798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 12 Jan 2022 07:04:02 GMT
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
webfont.js
blogfreely.net/js/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/js/webfont.js
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Jan 2019 10:57:28 GMT
server
cloudflare
age
731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2hrZFtiszu%2Ft8u2LdRkVd42qNJgujIn%2By3PcDgVQ4jApAggVLRNQO7gBouChwOoRrjlgSCLYtC%2FKb7gkHsIVEqyoFD4cvxUnEyM68AcIigiQ9XwpIx2wSEThCZ0bCrhQbzoF1METyxRUJtJoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cc48746edb90e16-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
blogfreely.net
fonts.css
blogfreely.net/css/ 		2 KB
957 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/css/fonts.css
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/js/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1119cb35793ecd895e0cd5f1a2894fa14994c703412a9b5c8c229abcdd1ffb8

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Jan 2019 11:31:45 GMT
server
cloudflare
age
731
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjNo9HeshIWFsuh6VFPl%2FDx3qbEAXvORYHxamODRyP%2B9ttEznp5p2j%2Bto2eViUWzYWP3rMMhdT9AFdWpiiexM9alzGRXZVODWDfxPaPrPcagtaAGJ0WTrXGHVqcpLRa05UjXK4eE1smTZJoeHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cc487471e2c0e16-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
blogfreely.net
Lora-Regular.woff2
blogfreely.net/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/fonts/Lora-Regular.woff2
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ee6f80607aa285386fc2132073fda3639fddfb3c139d7e92490de306d2b8d1

Request headers

Referer
https://blogfreely.net/css/fonts.css
Origin
https://blogfreely.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
63668
x-served-by
blogfreely.net
last-modified
Tue, 15 Jan 2019 10:57:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kc%2Bnf9soY7SkSJpS35ZNfW3oYOfkzRafuOX1QRVvKHsLXHyC%2B1uFXoaEUa7Tt%2BQtEdbxTUPsmUz0%2BdeaDqLzKD%2B4U9dkXgw%2FLm1BQH7uYl5QWDT8%2BctTSG0WcagfW4knO38ZqljNkit233pI%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cc487474e5b0e16-MXP
Lora-Bold.woff2
blogfreely.net/fonts/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blogfreely.net/fonts/Lora-Bold.woff2
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/css/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad84fd548b01f6f96d44b6254b68a247e5d12800b5284c72a5310d05746ee5

Request headers

Referer
https://blogfreely.net/css/fonts.css
Origin
https://blogfreely.net
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
68656
x-served-by
blogfreely.net
last-modified
Tue, 15 Jan 2019 10:57:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqq67Fy4kx75l2hESqDhgi39OyISSKBXu64QmtWPxvFZ%2B0Fz3vFBNZrzGbD2GqO4DV%2BQVPIKGkkL8%2BNjJY%2FS0ScQE2tz1fbs4ikQu6w%2BLt5Nv0OYgINFIQ%2B%2FnNuj%2BicHjB26CcVHWWDvX7LmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cc487475e6a0e16-MXP
www-player-webp.css
www.youtube.com/s/player/f93a7034/ Frame 28AA 		339 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1afd161f225dbcc0dff0b62e1bc5dfd2c4fca43859894e382b9859e5d24f4752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 16:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
137710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47512
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 10 Jan 2023 16:48:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28AA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 11:18:05 GMT
x-content-type-options
nosniff
age
71157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Jan 2023 11:18:05 GMT
www-embed-player.js
www.youtube.com/s/player/f93a7034/www-embed-player.vflset/ Frame 28AA 		249 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54a52338fcc47bcd79acc27ee10591995e186f38d2a7ed74300444594c9103ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 00:59:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
21843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81671
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 12 Jan 2023 00:59:59 GMT
base.js
www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/ Frame 28AA 		2 MB
531 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff57921d7e50a2f7bb6a0f1f045ea473e0f730f06a04c4a6f516fd810a076d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
137185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
543634
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 10 Jan 2023 16:57:37 GMT
fetch-polyfill.js
www.youtube.com/s/player/f93a7034/fetch-polyfill.vflset/ Frame 28AA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 22:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
32642
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 11 Jan 2023 22:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 28AA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: blogfreely.net
URL: https://blogfreely.net/orchidthrill23/indicators-on-nir-roof-care-inc-chicago-and-chicagoland-commercial-you-should
Protocol
H3
Server
2a00:1450:4019:802::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dcb6a7d0939ead2862132de4b9e4b3f6ded44f315e28a44b0930330462d2b03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 12 Jan 2022 07:04:03 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 28AA 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 06:57:14 GMT
x-content-type-options
nosniff
age
408
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Jan 2022 07:12:14 GMT
remote.js
www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/ Frame 28AA 		94 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17640e0745a5d2d5ae60b6d38c492ec5d998e16b56c80e54ee431393021c557b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 17:43:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
134410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29798
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 10 Jan 2023 17:43:52 GMT
iK-9bLNKlZxFTMEfw0t4-YbphAZM8Rh5iYoIV-fnsXQ.js
www.google.com/js/th/ Frame 28AA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/iK-9bLNKlZxFTMEfw0t4-YbphAZM8Rh5iYoIV-fnsXQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88afbd6cb34a959c454cc11fc34b78f986e984064cf11879898a0857e7e7b174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 06:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13425
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Jan 2023 06:11:25 GMT
embed.js
www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/ Frame 28AA 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d71d742284bd6cd687e33204c813732e5ac2c0266630309a2b1b2a1ca761141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 16:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
137185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7616
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 01:13:45 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 10 Jan 2023 16:57:37 GMT
truncated
/ Frame 28AA 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLRnlYHruh7SRGXaHodxg6F_QzNz807fal1wPJ7g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 28AA 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLRnlYHruh7SRGXaHodxg6F_QzNz807fal1wPJ7g=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6233a13e4ae1c5ac79829a74c8587a5479b2a08e6740020d0c9ce227e1a4a126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v3c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4274
x-xss-protection
0
expires
Thu, 13 Jan 2022 07:04:02 GMT
sddefault.webp
i.ytimg.com/vi_webp/5muLY6gy9BY/ Frame 28AA 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/5muLY6gy9BY/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd877d3a1328040255c41bf7c4233404c52bb20b5ce51666f5d7557681c9eb7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 06:51:52 GMT
x-content-type-options
nosniff
age
730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35584
x-xss-protection
0
server
sffe
etag
"1628023474"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 12 Jan 2022 08:51:52 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 28AA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/player_ias.vflset/it_IT/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 12 Jan 2022 07:04:02 GMT
generate_204
www.youtube.com/ Frame 28AA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Vp-2lQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/5muLY6gy9BY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/embed/5muLY6gy9BY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 07:04:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame 28AA 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 16:02:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Wed, 12 Jan 2022 16:02:47 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 28AA 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f93a7034/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/5muLY6gy9BY
X-YouTube-Client-Version
1.20220109.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtWOUVFQlVQdC1SNCji-vmOBg%3D%3D
X-YouTube-Ad-Signals
dt=1641971042630&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 12 Jan 2022 07:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 12 Jan 2022 07:04:05 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange boolean| pinning function| unpinPost object| WebFontConfig object| WebFont

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 0x8tcYYG39I
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: V9EEBUPt-R4

1 Console Messages

Source Level URL
Text
network error URL: https://acaroofing.com/wp-content/uploads/2018/02/roofing-2.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acaroofing.com
blogfreely.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
peterroofrepairnj.com
static.doubleclick.net
www.chicagoroofingsolution.com
www.google.com
www.gstatic.com
www.roofingbyhernandez.com
www.youtube.com
yt3.ggpht.com
209.182.193.32
2606:4700:3034::6815:3058
2606:4700:3034::6815:3253
2606:4700:3037::ac43:83f4
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2016
2a00:1450:4001:830::2006
2a00:1450:4019:802::2002
34.197.240.17
17640e0745a5d2d5ae60b6d38c492ec5d998e16b56c80e54ee431393021c557b
19194360f69da1a7c5fe2e5e79f5452b3b8cbff371e3a08e95344b3c6aee258a
1afd161f225dbcc0dff0b62e1bc5dfd2c4fca43859894e382b9859e5d24f4752
1dcb6a7d0939ead2862132de4b9e4b3f6ded44f315e28a44b0930330462d2b03
26ee6f80607aa285386fc2132073fda3639fddfb3c139d7e92490de306d2b8d1
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
311efefd7e0f9a5c534ca78808ba891c66f26f32479c74385c54a213e2ee72c3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
54a52338fcc47bcd79acc27ee10591995e186f38d2a7ed74300444594c9103ed
5aad84fd548b01f6f96d44b6254b68a247e5d12800b5284c72a5310d05746ee5
5d71d742284bd6cd687e33204c813732e5ac2c0266630309a2b1b2a1ca761141
6233a13e4ae1c5ac79829a74c8587a5479b2a08e6740020d0c9ce227e1a4a126
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ff57921d7e50a2f7bb6a0f1f045ea473e0f730f06a04c4a6f516fd810a076d4
88afbd6cb34a959c454cc11fc34b78f986e984064cf11879898a0857e7e7b174
9d6666b3ce8e9e98676758bb23e45b912217ec4a7e2489ce1b2b2922136aa5a9
b1119cb35793ecd895e0cd5f1a2894fa14994c703412a9b5c8c229abcdd1ffb8
d394dba0e2ac7fd63e1ed889ea165ccd5d40d55bfdf7b9aa530d893c7a3f9847
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61f0fcd1ca6fb684fea4433e708912c64205957d7bc1755acb668eea7c34798
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f9be4caaa51bf461c650f6cdc20d77bef98ec5c1a8f1eddfe7a842afdfe52369
fd877d3a1328040255c41bf7c4233404c52bb20b5ce51666f5d7557681c9eb7f