urlscan.io logo urlscan.io
SecurityTrails logo

squareblogs.net Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Submission: On December 02 via manual from LT — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 35 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is squareblogs.net.
TLS certificate: Issued by GTS CA 1P5 on October 24th 2023. Valid for: 3 months.
This is the only time squareblogs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
squareblogs.net
1    188.40.129.169 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.169.129.40.188.clients.your-server.de
admin.anthemionflowers.com
8    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
8    104.18.117.121 (None, )

ASN13335 (CLOUDFLARENET, US)
static.typepad.com
farwest.typepad.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
8 typepad.com
static.typepad.com — Cisco Umbrella Rank: 145984
farwest.typepad.com
15 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
3 MB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
55 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 203
32 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
static.doubleclick.net — Cisco Umbrella Rank: 248
1 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
2 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11597
1 KB
2 squareblogs.net
squareblogs.net
4 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
5 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 89
42 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
1 anthemionflowers.com
admin.anthemionflowers.com
407 KB
35 12
Domain Requested by
8 www.youtube.com squareblogs.net
www.youtube.com
7 static.typepad.com squareblogs.net
static.typepad.com
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.gstatic.com www.youtube.com
2 cdn.jsdelivr.net static.typepad.com
2 cdn.rawgit.com 2 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 squareblogs.net squareblogs.net
1 farwest.typepad.com squareblogs.net
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 admin.anthemionflowers.com squareblogs.net
35 15

This site contains links to these domains. Also see Links.

Domain
anthemionflowers.com
Subject Issuer Validity Valid
squareblogs.net
GTS CA 1P5		 2023-10-24 -
2024-01-22		 3 months crt.sh
admin.anthemionflowers.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-31 -
2024-07-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Frame ID: 8705CFC71604BDD5CCB36D2952E81149
Requests: 13 HTTP requests in this frame

Frame: https://www.youtube.com/embed/8QY2cNaLgTc
Frame ID: 3D315214DB1C68BA6EEE796F2F773E6A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Send flowers to Netherlands in Christmas holidays — nepalaunt7

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

35
Requests

91 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

14
IPs

3
Countries

3225 kB
Transfer

4092 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 31
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Request Chain 32
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css HTTP 301
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request send-flowers-to-netherlands-in-christmas-holidays
squareblogs.net/nepalaunt7/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5366a9684ecc9054be940d8a63615f66696736152201d7c72b1b4b851b2bdab0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82f229a8eb454c46-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 08:22:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAFMMQjLTGcQ3YjNojU%2FAbSbBxVNDma%2FZk9mBIc%2B%2Bm3G14FzPkNWdec79P8v%2BIGfOuNPqyMSZmSQ8I1FUj2%2BbBrKgTqFt6bqVOzLeoZttsCiycKYVy6vcUoObdTisGa8lsynlGcV79m4eC29%2FRs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-served-by
squareblogs.net
styles.css
squareblogs.net/farwest/ 		2 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://squareblogs.net/farwest/styles.css?v=6
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a88c9c91a3c4aed81a28ae4517a3dbb2bb6125705850a0dd5fedf4953f6aa38

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Aug 2021 09:52:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcG9elGPlwVg6LnNfi3RtwFdYHAPYfdgSpouFOwYS3GbrFV3z8naj2sOvfT3kIpp54CoXjEy%2Fu58cEIKm1qFh3EIGFLohgaazIa1KAy4qyK9%2FiH2ThO285hLbl1SASx2wHATltCvSGCz2%2FuIGMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
82f229a9bc2a4c46-MXP
alt-svc
h3=":443"; ma=86400
x-served-by
squareblogs.net
red-roses-1.jpg
admin.anthemionflowers.com/pub/media/images_2021/ 		407 KB
407 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.anthemionflowers.com/pub/media/images_2021/red-roses-1.jpg
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.129.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.129.40.188.clients.your-server.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
00ef25b7c4dc6c42d980bd2431bf6dc495ce5ab484942d3247cbb880ef565727
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 08:22:33 GMT
Last-Modified
Mon, 22 Feb 2021 10:14:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"65a6d-5bbea0f99cde6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
416365
8QY2cNaLgTc
www.youtube.com/embed/ Frame 3D31 		90 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/8QY2cNaLgTc
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b5217065c02b2770c57a0664bcbf396adbd0578f751879947dd15f38d15ee3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareblogs.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-kcJoJEPkp5vDCTvxaePRew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 08:22:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
base-weblog.css
static.typepad.com/.shared/themes/common/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/base-weblog.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc08233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
bxslider.css
static.typepad.com/.shared/themes/common/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/bxslider.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f4fa86583a0a58c0563dbc4b4a3c0a098cb8e84eb64944f3f3cf3573eef832

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc0f233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
widgets.css
static.typepad.com/.shared/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/css/widgets.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38ce5ab2ba14dea397402c77b564e4b5cb4e523737dc80e23ff67b89a53271e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 31 Oct 2019 22:14:35 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc17233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
recentpostsfancy.css
static.typepad.com/.shared/themes/common/ 		3 KB
741 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/recentpostsfancy.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e5463e69299c1f178458aeca09dc49ea7480ef7cb4548e054674c1be4f9389

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc11233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
tipjar.css
static.typepad.com/.shared/themes/common/ 		4 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/common/tipjar.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc15233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
screen.css
static.typepad.com/.shared/themes/vox/starlight-orange/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/themes/vox/starlight-orange/screen.css
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e96518c66e20f81dd6fc51cc4b7366464f76f8548b0d92a3d90b9848c4cbb9db

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:41 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aadc0e233d-ZRH
expires
Sun, 01 Dec 2024 08:22:33 GMT
www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame 3D31 		378 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 06:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
6427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48920
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Dec 2024 06:35:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D31 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
118537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D31 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:27 GMT
x-content-type-options
nosniff
age
213666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:01:27 GMT
embed.js
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 3D31 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 04:32:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
186617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16591
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Nov 2024 04:32:16 GMT
www-embed-player.js
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame 3D31 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 07:47:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98499
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 01 Dec 2024 07:47:28 GMT
base.js
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 3D31 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 04:32:16 GMT
x-content-type-options
nosniff
age
186617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2469974
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Nov 2024 04:32:16 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 3D31
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
053774750784516ca58c9e6ee0eb6f6bcb1a73396cf06e5506f9583499a6cf75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 02 Dec 2023 08:22:33 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3D31 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:08:55 GMT
x-content-type-options
nosniff
age
818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Dec 2023 08:23:55 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Dec 2023 08:22:33 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3D31 		70 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b591689d2cc09a243c2fd8852b6b8a0e86e20eb2f25668c04f01e9ce6ba6488e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32607
x-xss-protection
0
remote.js
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 3D31 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 17:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
54111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33684
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 03:10:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 30 Nov 2024 17:20:42 GMT
Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js
www.google.com/js/th/ Frame 3D31 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Cz7e-VR341EnRw5g1wAl9brpVe2wOP5KsPJPm-1eumg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
74045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15072
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 11:48:28 GMT
sddefault.webp
i.ytimg.com/vi_webp/8QY2cNaLgTc/ Frame 3D31 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/8QY2cNaLgTc/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bfdbd63a5a226be431f7fe60b74b004f981a26057ac27cfacb2c14eb0a75955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 06:27:47 GMT
x-content-type-options
nosniff
age
6886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42794
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 02 Dec 2023 08:27:47 GMT
truncated
/ Frame 3D31 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
VjKKqTMv29qapTVXYTGwCtoo8zRWGVFkJ0GBARNOdrwoXQEQ4t5ymNWpwq-y7Yj5b8JPfoxvmQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 3D31 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/VjKKqTMv29qapTVXYTGwCtoo8zRWGVFkJ0GBARNOdrwoXQEQ4t5ymNWpwq-y7Yj5b8JPfoxvmQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
046a4b5184fa298d1ab8dc950c95382f6d3094026de55167dda9fc469bef3725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 06:27:47 GMT
x-content-type-options
nosniff
age
6886
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4666
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 03 Dec 2023 06:27:47 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3D31 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 08:22:33 GMT
KFOmCnqEu92Fr1Mu4WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3D31 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4WxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ca415df2c57b1f26947351c66ccfaf99d2f8f01b4b8de019a3ae6f3a9c780c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 16:48:15 GMT
x-content-type-options
nosniff
age
574458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7276
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 16:48:15 GMT
generate_204
www.youtube.com/ Frame 3D31 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?AP3qtg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/8QY2cNaLgTc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/89/ Frame 3D31 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/89/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14262
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:19:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 02 Dec 2023 19:33:52 GMT
featherlight-gallery.css
static.typepad.com/.shared/css/ 		3 KB
704 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.typepad.com/.shared/css/featherlight-gallery.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/themes/common/base-weblog.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/.shared/themes/common/base-weblog.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Apr 2019 19:40:39 GMT
server
cloudflare
content-type
text/css
cache-control
public
cf-ray
82f229aebb3e233d-ZRH
expires
Sun, 01 Dec 2024 08:22:34 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Dec 2023 08:22:34 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3D31 		94 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bace373a2731412da9277406dc2c68884fda5cedb9aba0f782321c3df9f8fed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114
x-xss-protection
0
featherlight.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
201385
x-jsd-version
1.7.13
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"74c-qn7jgwM1oqqgU91VxAG6wby5T0s"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jO8XEVPXc7EFEIth3C%2FVxYxiqLcVK9MJBFAwsrQrndHHvEnsYMO6y52jcZf0jbn223RGFN21LIBGCQU6mks4SWMLPJxMvRbPt3fKhwaDyzHfBAIxU6MOqNT0bS0pM2UVQBTmMDBuFJbQbLG4tMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82f229b14811233d-ZRH

Redirect headers

date
Sat, 02 Dec 2023 08:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1082
age
83582
x-cache
MISS, HIT
cdn-cachedat
12/02/2023 08:22:34
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
119
x-served-by
cache-fra-etou8220087-FRA, cache-chi-kigq8000069-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.min.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
c84daf8fea1aa741d51ccfe8cb3e5ee3
timing-allow-origin
*
cdn-requestcountrycode
CH
cdn-status
301
cdn-requestpullsuccess
True
featherlight.gallery.min.css
cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/
Redirect Chain
  • https://cdn.rawgit.com/noelboss/featherlight/1.7.13/release/featherlight.gallery.min.css
  • https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
2 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
Requested by
Host: static.typepad.com
URL: https://static.typepad.com/.shared/css/featherlight-gallery.css
Protocol
H2
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://static.typepad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 08:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
264191
x-jsd-version
1.7.13
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230076-FRA, cache-mxp6949-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"6f6-uWXKx3271iZqaEhqpW3Julyb3c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BRcvM%2BYbvh1Jonc3I5Je6tAh7qOydYqSDWMKtxkPoWU9sdTsIpWNenCdnQH2%2Bas3QtzBjP3VqW1jeuP39tM8H6dlnsGF%2Fxyn9M2n9nWrRpWn8DzlWk%2BdRGYK4kcoGVKeULQf1%2FxZ5HnDfQeddw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82f229b1480f233d-ZRH

Redirect headers

date
Sat, 02 Dec 2023 08:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1081
age
8592
x-cache
MISS, HIT
cdn-cachedat
12/02/2023 08:22:34
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
127
x-served-by
cache-fra-eddf8230041-FRA, cache-chi-kigq8000050-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/noelboss/featherlight@1.7.13/release/featherlight.gallery.min.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
b97ac4a512a95910317238609922f1a2
timing-allow-origin
*
cdn-requestcountrycode
CH
cdn-status
301
cdn-requestpullsuccess
True
FARWEST-HEAD-NEW2.jpg
farwest.typepad.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://farwest.typepad.com/FARWEST-HEAD-NEW2.jpg
Requested by
Host: squareblogs.net
URL: https://squareblogs.net/farwest/styles.css?v=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.117.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://squareblogs.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log_event
www.youtube.com/youtubei/v1/ Frame 3D31 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time
1701505356495
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/8QY2cNaLgTc
X-YouTube-Client-Version
1.20231128.01.01
X-YouTube-Time-Zone
Europe/Zurich
X-Goog-Visitor-Id
CgtBWG9hdGY3UmlEQSjJ0qurBjIICgJDSBICGgA%3D
X-YouTube-Ad-Signals
dt=1701505353562&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 02 Dec 2023 08:22:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Sat, 02 Dec 2023 08:22:36 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: kiXiLQhAIVk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: AXoatf7RiDA
.typepad.com/ Name: __cf_bm
Value: 97qG3BAURufuoGlZD5byOnUV4TCdXL.Zpmx8dRhvNWc-1701505354-0-ASTIMSgPBYTzD96sTsRLEo3ErDLfiCFsWaUMG2gvNPVIc3oXP615uAioBCYe1WJsH5gx3H+r+/cVcNPLVp4fYCI=

2 Console Messages

Source Level URL
Text
security warning URL: https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays
Message:
Mixed Content: The page at 'https://squareblogs.net/nepalaunt7/send-flowers-to-netherlands-in-christmas-holidays' was loaded over HTTPS, but requested an insecure element 'http://farwest.typepad.com/FARWEST-HEAD-NEW2.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://farwest.typepad.com/FARWEST-HEAD-NEW2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.anthemionflowers.com
cdn.jsdelivr.net
cdn.rawgit.com
farwest.typepad.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
squareblogs.net
static.doubleclick.net
static.typepad.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.18.117.121
188.40.129.169
2400:52e0:1e00::1081:1
2606:4700::6810:5714
2a00:1450:4001:802::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2006
2a06:98c1:3121::3
00ef25b7c4dc6c42d980bd2431bf6dc495ce5ab484942d3247cbb880ef565727
046a4b5184fa298d1ab8dc950c95382f6d3094026de55167dda9fc469bef3725
053774750784516ca58c9e6ee0eb6f6bcb1a73396cf06e5506f9583499a6cf75
0b3edef95477e35127470e60d70025f5bae955edb038fe4ab0f24f9bed5eba68
2ce32915eab5229db622223aeaecc7bd704160d4d3fde1d8d09b3c05a174b506
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
45e5463e69299c1f178458aeca09dc49ea7480ef7cb4548e054674c1be4f9389
45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e
4a88c9c91a3c4aed81a28ae4517a3dbb2bb6125705850a0dd5fedf4953f6aa38
4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
5366a9684ecc9054be940d8a63615f66696736152201d7c72b1b4b851b2bdab0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6eea8d407f0202d9259a6c90073ef4468302bc8849bbc385ae921c740cb52a88
7bfdbd63a5a226be431f7fe60b74b004f981a26057ac27cfacb2c14eb0a75955
906daba3c69c8916903c60c8be7174649f9294db224ee5388ea29d40faf226b9
9b5217065c02b2770c57a0664bcbf396adbd0578f751879947dd15f38d15ee3c
9ca415df2c57b1f26947351c66ccfaf99d2f8f01b4b8de019a3ae6f3a9c780c7
a0f4fa86583a0a58c0563dbc4b4a3c0a098cb8e84eb64944f3f3cf3573eef832
a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f
b591689d2cc09a243c2fd8852b6b8a0e86e20eb2f25668c04f01e9ce6ba6488e
bace373a2731412da9277406dc2c68884fda5cedb9aba0f782321c3df9f8fed1
bc462b8920124b34fffa9f466debcfb0e097317ed6b76b73a547ad39c374fe34
c72d1f8931da5426f1684455f51fc1fba22ae78bc43f647c77924bea68d5d75d
d38ce5ab2ba14dea397402c77b564e4b5cb4e523737dc80e23ff67b89a53271e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e96518c66e20f81dd6fc51cc4b7366464f76f8548b0d92a3d90b9848c4cbb9db
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9