www.safen2.co.za Open in urlscan Pro
154.0.160.107 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.safen2.co.za/
Submission: On September 20 via automatic, source certstream-suspicious (September 20th 2021, 3:58:13 pm UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 154.0.160.107, located in South Africa and belongs to Afrihost, ZA. The main domain is www.safen2.co.za.
TLS certificate: Issued by R3 on September 20th 2021. Valid for: 3 months.

This is the only time www.safen2.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	154.0.160.107 154.0.160.107	37611 (Afrihost) (Afrihost)
1	192.229.133.221 192.229.133.221	15133 (EDGECAST) (EDGECAST)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
3	172.67.214.69 172.67.214.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
13	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
2	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
3	173.194.188.72 173.194.188.72	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
8	74.125.162.8 74.125.162.8	15169 (GOOGLE) (GOOGLE)
1	142.250.186.86 142.250.186.86	15169 (GOOGLE) (GOOGLE)
2	173.194.150.233 173.194.150.233	() ()
52	18

7 154.0.160.107 (South Africa)

ASN37611 (Afrihost, ZA)
PTR: host12.axxesslocal.co.za

www.safen2.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.221 (United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.188.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s32-in-f8.1e100.net

r3---sn-4g5ednsl.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.162.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s16-in-f8.1e100.net

r3---sn-4g5lzned.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.86 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.150.233 (None, )

ASN- ()

r3---sn-2gb7sn7s.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlevideo.com r3---sn-4g5ednsl.googlevideo.com r3---sn-4g5lzned.googlevideo.com r3---sn-2gb7sn7s.googlevideo.com	970 KB
13	youtube.com www.youtube.com	709 KB
7	safen2.co.za www.safen2.co.za	2 MB
4	gstatic.com fonts.gstatic.com www.gstatic.com	54 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
3	fontawesome.com use.fontawesome.com	106 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	32 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
1	ytimg.com i.ytimg.com	13 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.com www.google.com	14 KB
1	w3schools.com www.w3schools.com	5 KB
52	12

	Domain	Requested by
13	www.youtube.com	www.safen2.co.za www.youtube.com
8	r3---sn-4g5lzned.googlevideo.com	www.youtube.com
7	www.safen2.co.za	www.safen2.co.za
3	r3---sn-4g5ednsl.googlevideo.com	www.youtube.com
3	use.fontawesome.com	www.safen2.co.za use.fontawesome.com
2	r3---sn-2gb7sn7s.googlevideo.com	www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	maxcdn.bootstrapcdn.com	www.safen2.co.za
1	i.ytimg.com	www.safen2.co.za
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	ajax.googleapis.com	www.safen2.co.za
1	fonts.googleapis.com	www.safen2.co.za
1	www.w3schools.com	www.safen2.co.za
52	17

This site contains links to these domains. Also see Links.

Domain
safen2.co.za

Subject Issuer	Validity	Valid
www.safen2.co.za R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
*.w3schools.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-27` - `2022-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.safen2.co.za/
Frame ID: F65A38AE5DA83567D819BA2582573C9F
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
Frame ID: 4AE3C7781DF88B990274918C201428CC
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Safe N2

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

18
IPs

3
Countries

3780 kB
Transfer

5985 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://safen2.co.za/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.safen2.co.za/ 11 KB
12 KB 1083ms
371ms Document
text/html 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips / PHP/7.2.28
Resource Hash: 5269a4e27286754332aec877cf8ed4ab4cc13edcfc9351f203b080638793bfaf

Request headers

Host: www.safen2.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 20 Sep 2021 15:58:06 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.28
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 53ms
7ms Stylesheet
text/css 192.229.133.221
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.221 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding: gzip
etag: "0f1e901aaed71:0"
last-modified: Mon, 20 Sep 2021 12:25:14 GMT
server: ECS (frb/6796)
age: 11063
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=14400,public
date: Mon, 20 Sep 2021 15:58:07 GMT
accept-ranges: bytes
content-length: 5258
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1004 B 61ms
23ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 15:24:03 GMT
server: ESF
date: Mon, 20 Sep 2021 15:58:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Sep 2021 15:58:07 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.13.0/css/ 57 KB
13 KB 58ms
23ms Stylesheet
text/css 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6551416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: ZKG6DB8JZEEHGZB3
x-amz-id-2: Z7I1xCnT+Sbk2+iqaBk81zFVwJqzfZCwUkf5IyTUgeqgVbQJ0pzm4/cZpC4B86OpH0zUWMTnbDo=
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
server: cloudflare
etag: W/"76cb46c10b6c0293433b371bae2414b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEebEW9CXA7DeZOuL5V0HnO3G92z7kZqxcBaDOLPMOOrBKWv5n%2Bi0o4KLIW%2B00ESrsR0zZYOrx89nfJ2IHLrKiUOQ065Ab0DM2FGt9jpHwC8KsvOHnzECrPDykL3bGbvZ6Zgl7sQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 691c40df6b7e278c-PRG

GET
H/1.1 404
Not Found style.css
www.safen2.co.za/ 0
0 189ms
188ms Stylesheet
text/html 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL: https://www.safen2.co.za/style.css
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:06 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 207
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
21 KB 42ms
24ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 15705948
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5cb63f9f95ecf095082c5daadbee8506
cf-ray: 691c40df48a768ef-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 51ms
15ms Script
text/javascript 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 14:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 18 Sep 2022 14:01:43 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
11 KB 45ms
27ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 15705494
cdn-cachedat: 2021-03-11 11:58:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: be000bfdd4f127260b29957f966b0f38
cf-ray: 691c40df48aa68ef-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK sfp_logo.png
www.safen2.co.za/img/ 48 KB
48 KB 191ms
191ms Image
image/png 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safen2.co.za/img/sfp_logo.png
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 733488b7d99dbc6f65739172bbcff720f8ccb3cc8b485a3179c8f32c304adb49

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:06 GMT
Last-Modified: Thu, 16 Sep 2021 12:59:24 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "bf14-5cc1c625083e8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 48916

GET
H/1.1 200
OK sfp_logo_white.png
www.safen2.co.za/img/ 288 KB
289 KB 187ms
187ms Image
image/png 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safen2.co.za/img/sfp_logo_white.png
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: ac312f622930f222ea25915848bd0349f415c69f2acc2d0c9200e8bfdefb136e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:06 GMT
Last-Modified: Thu, 16 Sep 2021 12:59:29 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "4812e-5cc1c62a308e8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 295214

GET
H/1.1 200
OK tsfp_soteria.png
www.safen2.co.za/img/ 168 KB
169 KB 554ms
189ms Image
image/png 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safen2.co.za/img/tsfp_soteria.png
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 1e3cc30bbc4f42feee09e027dde594be72eb2feeec8aab321c91e2f89f7ca27c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:07 GMT
Last-Modified: Thu, 16 Sep 2021 12:59:38 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "2a169-5cc1c63284260"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 172393

GET
H/1.1 200
OK sis_banner.jpg
www.safen2.co.za/img/ 1021 KB
1021 KB 558ms
189ms Image
image/jpeg 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safen2.co.za/img/sis_banner.jpg
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 550214f7b02c4461dfbb08dc321a2f487f21e70cd9ea3f135184bd25c75395ea

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:07 GMT
Last-Modified: Thu, 16 Sep 2021 12:59:31 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "ff3d5-5cc1c62bc3250"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1045461

GET
H2 200 IxFcVEghujs Show response
www.youtube.com/embed/ Frame 4AE3 56 KB
25 KB 127ms
85ms Document
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

30057034d95f07344c0c2b4c481b04ba2fb9d8859805b18fb48e41f187b53418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/IxFcVEghujs?autoplay=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.safen2.co.za/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Sep 2021 15:58:07 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=t5mnJKnT63s; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=JjslFEhScXU; Domain=.youtube.com; Expires=Sat, 19-Mar-2022 15:58:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Traffic2dark.jpg
www.safen2.co.za/img/ 303 KB
304 KB 555ms
188ms Image
image/jpeg 154.0.160.107
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.safen2.co.za/img/Traffic2dark.jpg
Requested by: Host: www.safen2.co.za
URL: https://www.safen2.co.za/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 154.0.160.107 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS: host12.axxesslocal.co.za
Software: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash: 576e3e1b3a9f63f06af6ab002bc5d6f096db454b1c1024ca7790b12da8333247

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.safen2.co.za/
Cookie: PHPSESSID=4fb2f15eb85d23c515e432ab3bac1d0e
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.safen2.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:07 GMT
Last-Modified: Thu, 16 Sep 2021 12:59:32 GMT
Server: Apache/2.4.39 (Unix) OpenSSL/1.0.2k-fips
ETag: "4bd59-5cc1c62ccc480"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 310617

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 78 KB
78 KB 157ms
138ms Font
font/woff2 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 09X4D7Q3Q6W2H5TV
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 79444
x-amz-id-2: lVEuNV7bX4sRP8LycJlo+3PL1icTMQoYEqkoxupOiMFtEghIUsU3YlgSXUU/rqzAcE/fOdyGAcg=
last-modified: Wed, 30 Jun 2021 15:39:01 GMT
server: cloudflare
etag: "b15db15f746f29ffa02638cb455b8ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC0w8aTj8VqfEedCGHoAYiZFJuSK%2BT2kE1JIwyoG7iRMs9hOm%2F9%2BbG0etEKaFam%2F9NpcHvjBtFdFIF99dxVK3PxRWoBRCFYDMr1ZrTB9edCkAMbIbH5uwTPbapLscxJguij7zcKr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 691c40e09b0a4126-PRG

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v22/ 21 KB
21 KB 28ms
7ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 14:59:01 GMT
x-content-type-options: nosniff
age: 3546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 14:59:01 GMT

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 13 KB
14 KB 280ms
262ms Font
font/woff2 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://www.safen2.co.za
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 09X8DTFN07W3V341
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13584
x-amz-id-2: sNYHGloYr41SVbQhd9p1CjF6bLWNKrpE0mF+cLGkw2Yeue+bRXHbYKnqtlitVS/dZAusZTHPE/g=
last-modified: Wed, 30 Jun 2021 15:39:01 GMT
server: cloudflare
etag: "c20b5b7362d8d7bb7eddf94344ace33e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32YLxcl4%2FNW98x5QQ8gkTYIVrM2xi7yyoD5Q%2F1cpCRONHZxxSASqbaDAWfu1FAjoa4J0WgDFJhRc4lvTActMf4rZJLCythKz1W1HvXISP6Gn4yw%2BooFoQfheoQ6QabkroR1Ju8D0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 691c40e09b0b4126-PRG

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/d7a19ed1/ Frame 4AE3 329 KB
45 KB 52ms
18ms Stylesheet
text/css 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 04:24:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46352
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 04:24:12 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/ Frame 4AE3 201 KB
66 KB 68ms
35ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67291
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:11:53 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 4AE3 2 MB
505 KB 76ms
43ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516948
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:11:40 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/ Frame 4AE3 8 KB
3 KB 50ms
17ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 17:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79375
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Sep 2022 17:55:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4AE3 15 KB
15 KB 35ms
13ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 590394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:58:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4AE3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

29ms
15ms

XHR
application/json

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a85d8b163456d7f371e2b4a2abd4653ddf391f507568e11afad91f0d2710ac5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Sep 2021 15:58:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4AE3 29 B
422 B 28ms
6ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:57:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 9
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Mon, 20 Sep 2021 16:12:58 GMT

GET
H2 200 yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js Show response
www.google.com/js/th/ Frame 4AE3 35 KB
14 KB 31ms
7ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

sffe /

Resource Hash

cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 17:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13377
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 13:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 18 Sep 2022 17:11:12 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 4AE3 24 KB
7 KB 17ms
16ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7340
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:11:53 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 4AE3 49 KB
17 KB 113ms
113ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

3e30e0f6925013e7ae1a6c4fc59be060573773ef3d37b3892b333a9479f1d1d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtKanNsRkVoU2NYVSiP36KKBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17464
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4AE3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT9J7AUAmzxvC3zB4hTcwdLJRUy47-88rewdtDT=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4AE3 3 KB
3 KB 378ms
356ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT9J7AUAmzxvC3zB4hTcwdLJRUy47-88rewdtDT=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

9e44ecc301fd6f08b8f6e48a451756b66effdf5ea7022cb8bbb67f12d41e7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-content-type-options: nosniff
server: fife
etag: "vb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2727
x-xss-protection: 0
expires: Tue, 21 Sep 2021 15:58:08 GMT

GET
DATA 200
OK truncated
/ Frame 4AE3 391 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88cd304193a0d8e13f5211a8ae1e774c25536668971e11f2ada9023235ac5482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
www.youtube.com/ Frame 4AE3 0
9 B 17ms
16ms Image
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?DDj5HA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 4AE3 0
19 B 25ms
25ms Ping
text/html 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=6T83-JIQGk-g24_D&ei=j69IYcLtM5yp1wLu6KvIAw&el=embedded&docid=IxFcVEghujs&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24096481%2C24101842&cl=397162147&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20210915.1.2&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.163:B,0.163:B&cmt=0.006:0.000,0.163:0.000&ctmp=cc:t.152;useVodTrack&afs=0.163:251::i&vfs=0.163:134:136::r&view=0.163:1568:900&bwe=0.163:130000&bat=0.163:1:1&vis=0.163:0&bh=0.163:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 20 Sep 2021 15:58:07 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5ednsl.googlevideo.com/ Frame 4AE3 1 KB
2 KB 67ms
8ms XHR
text/plain 173.194.188.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=KL&mm=31%2C26&mn=sn-4g5ednsl%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=307500&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=2282934&otfp=1&dur=52.199&lmt=1587199228149174&mt=1632153189&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO0lTZI_LxoqQyL0IS8kCHgf2_4DjiPLMlIB9pOhuTLQCIQC6DEXvTr8LmQXo3B17cyNlWx1d2RYzxRrMqeMnK13jaw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMs5KGpO9LZh8FUuImo-5N3Q1AwRrdiTgiBz8UaGiCY_AiAJcQHeZrJNYtP3COlyXpaYTU7ch0Qr0vKG7FZu25RkEA%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&range=0-160287&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.188.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s32-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

4546b1454ce8c4ce71a7dd16baba9b9f47512f951d069d8a1d47b371f1226357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:08 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1066
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5ednsl.googlevideo.com/ Frame 4AE3 992 B
2 KB 193ms
127ms XHR
text/plain 173.194.188.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&mh=KL&mm=31%2C26&mn=sn-4g5ednsl%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=307500&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&mt=1632153189&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMs5KGpO9LZh8FUuImo-5N3Q1AwRrdiTgiBz8UaGiCY_AiAJcQHeZrJNYtP3COlyXpaYTU7ch0Qr0vKG7FZu25RkEA%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&range=0-65893&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.188.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s32-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

d3f97adaac61507a54e4d0e733dfa720bbd66a52f347a13d57f50ff14001731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 15:58:08 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 992
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 4AE3 95 KB
29 KB 17ms
16ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29920
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:11:40 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/ Frame 4AE3 26 KB
7 KB 18ms
17ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

sffe /

Resource Hash

b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 23:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 21:16:41 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Sep 2022 23:11:40 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 4AE3 65 KB
5 KB 393ms
393ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

ESF /

Resource Hash

46b788d6b6659bdbb8d0dd6ef384f614f35dc815892b8afcb1dc2db5acc5350d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210915.1.2
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtKanNsRkVoU2NYVSiP36KKBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5460
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4AE3 4 KB
3 KB 41ms
18ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 157 KB
157 KB 131ms
72ms XHR
video/mp4 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=2282934&otfp=1&dur=52.199&lmt=1587199228149174&keepalive=yes&fexp=24001373,24007246,24052760&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO0lTZI_LxoqQyL0IS8kCHgf2_4DjiPLMlIB9pOhuTLQCIQC6DEXvTr8LmQXo3B17cyNlWx1d2RYzxRrMqeMnK13jaw%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-4g5e6z7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKs3jAFlk2QA4GQyaaY4GGZ8ecAy04JllukD8z0_sHKFAiEAu-dJwW_KubV56Glf4RI9Du5sjmtDC8gVDbWCaTsC6xU%3D&range=0-160287&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

fb553c252905087c24217b25064ca49e7e875b1178f32c235633143a728d1add

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160288
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:40:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame 4AE3 52 KB
15 KB 27ms
13ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 13:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15359
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:09:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 21 Sep 2021 13:16:59 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 64 KB
64 KB 319ms
319ms XHR
audio/webm 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&keepalive=yes&fexp=24001373,24007246,24052760&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-4g5e6z7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeXTKK3l123i7KZWEBlJ2z-WPd8XSJsHR8gTCXeAfNvECIQDM-8YwswK3FAP144PpL1Xn7F5NvdLkKm4FEvTnVx395w%3D%3D&range=0-65893&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

80bdae8ebb59d36c55ad0851232c377814c27cde8dff15e4bb35e658cbd1fe1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65894
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:08:59 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5ednsl.googlevideo.com/ Frame 4AE3 1017 B
1 KB 16ms
8ms XHR
text/plain 173.194.188.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=136&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=KL&mm=31%2C26&mn=sn-4g5ednsl%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=307500&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&otf=1&otfp=1&dur=0.000&lmt=1587199221643768&mt=1632153189&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKnIckk3KcXqdC08ZpRjM6aXisxRhPRsWUz9KFEFtMHaAiA6Lcj0IsjnQ0xyR8vWz2mo-pznf7hP0GbSUOalOy3RpQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMs5KGpO9LZh8FUuImo-5N3Q1AwRrdiTgiBz8UaGiCY_AiAJcQHeZrJNYtP3COlyXpaYTU7ch0Qr0vKG7FZu25RkEA%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&sq=0&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s32-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

cbfb748b7d1bdad9f12817a1e8ea2876c7064a37b232dadb5394627cbaca9611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1017
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET videoplayback
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 0
0

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/IxFcVEghujs/ Frame 4AE3 12 KB
13 KB 45ms
22ms Image
image/webp 142.250.186.86
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/IxFcVEghujs/hqdefault.webp

Requested by

Host: www.safen2.co.za
URL: https://www.safen2.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.86 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f22.1e100.net

Software

sffe /

Resource Hash

f62af75f7a4a4197d345dd36ce4c62e4a1b20edf4cf7a3ff8cdb9481aaffa37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12754
x-xss-protection: 0
server: sffe
etag: "1587197357"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Sep 2021 17:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 64 KB
64 KB 7ms
7ms XHR
audio/webm 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&keepalive=yes&fexp=24001373,24007246,24052760&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-4g5e6z7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeXTKK3l123i7KZWEBlJ2z-WPd8XSJsHR8gTCXeAfNvECIQDM-8YwswK3FAP144PpL1Xn7F5NvdLkKm4FEvTnVx395w%3D%3D&range=65894-131429&rn=7&rbuf=3767

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

146094f7bb7e4e06c9a7b710cc7870747d6afbdcca45c5835f4732a19f61c3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:08:59 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 24 KB
24 KB 7ms
7ms XHR
video/mp4 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

9cae3fbc36b699cfe2240ab9ae0d079280d56504ae03972506eb790e9687ece1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24524
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:40:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 191 KB
191 KB 8ms
8ms XHR
video/mp4 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

21618a1398f433a19a1b7ebf78a3b65361df029d9d36f1dfe305437a72eca6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195918
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:40:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 131 KB
131 KB 8ms
7ms XHR
audio/webm 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&keepalive=yes&fexp=24001373,24007246,24052760&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-4g5e6z7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgeXTKK3l123i7KZWEBlJ2z-WPd8XSJsHR8gTCXeAfNvECIQDM-8YwswK3FAP144PpL1Xn7F5NvdLkKm4FEvTnVx395w%3D%3D&range=131430-265183&rn=10&rbuf=7534

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

6461a3f330c958a9aa9ff86b7a573074c0a27fce4d8a3c403207a823c4bd525e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133754
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:08:59 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 20 Sep 2021 15:58:08 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 159 KB
159 KB 7ms
7ms XHR
video/mp4 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

ae07f333b37b7ebbbe6114dcc8b2e991c890b88e2d7f42ac4d165aea288aa38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:09 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162472
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:40:28 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4AE3 28 B
50 B 32ms
31ms XHR
application/json 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/IxFcVEghujs?autoplay=1
X-YouTube-Client-Version: 1.20210915.1.2
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtKanNsRkVoU2NYVSiP36KKBg%3D%3D
X-YouTube-Ad-Signals: dt=1632153487672&flash=0&frm=2&u_tz&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1568%2C900&vis=1&wgl=true&ca_type=image&bid=ANyPxKrChdj-XmzInsHO4CavNCCyMeElCYBkuUWFE_M85hX6PYCJrFuvJzZaecIbPWtc5iCGnWu2N9sYnyh3aMmGDE3GBVZzAw

Response headers

date: Mon, 20 Sep 2021 15:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
H3 200 videoplayback Show response
r3---sn-2gb7sn7s.googlevideo.com/ Frame 4AE3 1 KB
1 KB 81ms
17ms XHR
text/plain 173.194.150.233

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=136&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=KL&mm=31%2C26&mn=sn-4g5ednsl%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=307500&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&otf=1&otfp=1&dur=0.000&lmt=1587199221643768&mt=1632153189&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKnIckk3KcXqdC08ZpRjM6aXisxRhPRsWUz9KFEFtMHaAiA6Lcj0IsjnQ0xyR8vWz2mo-pznf7hP0GbSUOalOy3RpQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMs5KGpO9LZh8FUuImo-5N3Q1AwRrdiTgiBz8UaGiCY_AiAJcQHeZrJNYtP3COlyXpaYTU7ch0Qr0vKG7FZu25RkEA%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&fallback_count=1&sq=0&rn=12&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.150.233 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1e997e935fd2e7318f93a24cf074827eb93b53811a909400beab645f1e15a6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:13 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1042
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Mon, 20 Sep 2021 15:58:13 GMT

GET
H3 200 videoplayback Show response
r3---sn-2gb7sn7s.googlevideo.com/ Frame 4AE3 1010 B
1 KB 80ms
18ms XHR
text/plain 173.194.150.233

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-2gb7sn7s.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&mh=KL&mm=31%2C26&mn=sn-4g5ednsl%2Csn-2gb7sn7s&ms=au%2Conr&mv=m&mvi=3&pl=24&initcwndbps=307500&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&mt=1632153189&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAMs5KGpO9LZh8FUuImo-5N3Q1AwRrdiTgiBz8UaGiCY_AiAJcQHeZrJNYtP3COlyXpaYTU7ch0Qr0vKG7FZu25RkEA%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&fallback_count=1&range=265184-525846&rn=13&rbuf=15222

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.150.233 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4b9c03840aa3d13f4ec2dfe6787004c74f8f4c1a924aac035fc857acf4c1c886

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1010
client-protocol: quic
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 20 Sep 2021 15:58:13 GMT

GET
H3 200 videoplayback Show response
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 173 KB
173 KB 7ms
6ms XHR
audio/webm 74.125.162.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=p1iCAGHUyMabbLU-1lYGcNcG&gir=yes&clen=895412&otfp=1&dur=52.261&lmt=1587197339749563&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDgExrpmA-6_X1_K653Q4JVbfbSoIjNs5g64PhbJMVG0CIDTtxnQemVVFTYlrK_1Mh702Wugp-FwloSuHFrZvG2Dw&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&fallback_count=1&redirect_counter=1&cm2rm=sn-2gbez7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgYh1y7lIe7-g6EJCXnbk5RaC1MbGdXs5i34EAaqZZGf4CIQDlNrAxAPErGgMBNlEt1hHvasxl4kVIrq2AWLx5GcWzxg%3D%3D&range=265184-442739&rn=14&rbuf=15222

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d7a19ed1/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.162.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s16-in-f8.1e100.net

Software

gvs 1.0 /

Resource Hash

34dd78f42e4821885c2cfd22248812a39222375d84b6039ef85fe0940d5cc72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:58:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 177556
client-protocol: quic
last-modified: Sat, 18 Apr 2020 08:08:59 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 20 Sep 2021 15:58:13 GMT

GET videoplayback
r3---sn-4g5lzned.googlevideo.com/ Frame 4AE3 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r3---sn-4g5lzned.googlevideo.com
URL: https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=136&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&otf=1&otfp=1&dur=0.000&lmt=1587199221643768&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKnIckk3KcXqdC08ZpRjM6aXisxRhPRsWUz9KFEFtMHaAiA6Lcj0IsjnQ0xyR8vWz2mo-pznf7hP0GbSUOalOy3RpQ%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&redirect_counter=1&cm2rm=sn-4g5e6z7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgbqY0HN-R_CgVhG0yhIpuRZYXGCSzr4EXO2qZturZRoACICqxmrub4nh8fzxd6Ei8-fh7jTFHv2QnpnEEiZ_3As_C&sq=0&rn=6&rbuf=0

Domain: r3---sn-4g5lzned.googlevideo.com
URL: https://r3---sn-4g5lzned.googlevideo.com/videoplayback?expire=1632175087&ei=j69IYcLtM5yp1wLu6KvIAw&ip=216.131.114.60&id=o-AJiUdQUNky4NVnXWQsWMqhOQeXAtr6gpDspVgZ-snO09&itag=136&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=p1iCAGHUyMabbLU-1lYGcNcG&otf=1&otfp=1&dur=0.000&lmt=1587199221643768&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&n=0BxFQ7DLzy5-bA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKnIckk3KcXqdC08ZpRjM6aXisxRhPRsWUz9KFEFtMHaAiA6Lcj0IsjnQ0xyR8vWz2mo-pznf7hP0GbSUOalOy3RpQ%3D%3D&alr=yes&cpn=6T83-JIQGk-g24_D&cver=1.20210915.1.2&fallback_count=1&redirect_counter=1&cm2rm=sn-2gbez7s&cms_redirect=yes&mh=KL&mm=34&mn=sn-4g5lzned&ms=ltu&mt=1632153409&mv=m&mvi=3&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKNTcaHpMgAl55FYL3Rl82HsQ9OWLIEzDK85-BvKzFxoAiAP8HzoMwcci10BspP1AWcmIrGVfDbgpJDtTKxFZ1KlrQ%3D%3D&sq=0&rn=15&rbuf=0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.safen2.co.za/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4fb2f15eb85d23c515e432ab3bac1d0e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: t5mnJKnT63s
.youtube.com/	1970-01-20 01:41:45	Name: VISITOR_INFO1_LIVE Value: JjslFEhScXU
.doubleclick.net/	1970-01-20 14:53:45	Name: IDE Value: AHWqTUlQmIqb6sWVl-nH15RMvuYDIR_grtanGcZTFbbjWHwXBiefzhqgNaum_LS1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.safen2.co.za/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
maxcdn.bootstrapcdn.com
r3---sn-2gb7sn7s.googlevideo.com
r3---sn-4g5ednsl.googlevideo.com
r3---sn-4g5lzned.googlevideo.com
static.doubleclick.net
use.fontawesome.com
www.google.com
www.gstatic.com
www.safen2.co.za
www.w3schools.com
www.youtube.com
yt3.ggpht.com
r3---sn-4g5lzned.googlevideo.com
104.18.11.207
142.250.181.225
142.250.185.100
142.250.185.131
142.250.185.98
142.250.186.170
142.250.186.174
142.250.186.38
142.250.186.74
142.250.186.86
142.250.74.195
154.0.160.107
172.67.214.69
173.194.150.233
173.194.188.72
192.229.133.221
74.125.162.8
00e293a8e025b96124111cfe5aec205d29e63d148cd8715fd0dfc9ea4cdcdda8
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
146094f7bb7e4e06c9a7b710cc7870747d6afbdcca45c5835f4732a19f61c3ad
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1e3cc30bbc4f42feee09e027dde594be72eb2feeec8aab321c91e2f89f7ca27c
1e997e935fd2e7318f93a24cf074827eb93b53811a909400beab645f1e15a6de
21618a1398f433a19a1b7ebf78a3b65361df029d9d36f1dfe305437a72eca6cc
30057034d95f07344c0c2b4c481b04ba2fb9d8859805b18fb48e41f187b53418
34dd78f42e4821885c2cfd22248812a39222375d84b6039ef85fe0940d5cc72f
356457fa6fd6703c1102e7d720768399835813e210e8910f83ba2f2e76ce3085
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e30e0f6925013e7ae1a6c4fc59be060573773ef3d37b3892b333a9479f1d1d3
405618050d05b34ee30b7434fe54da5aba80e997c722fce87cbe8bf37dc767ae
4546b1454ce8c4ce71a7dd16baba9b9f47512f951d069d8a1d47b371f1226357
46b788d6b6659bdbb8d0dd6ef384f614f35dc815892b8afcb1dc2db5acc5350d
4b9c03840aa3d13f4ec2dfe6787004c74f8f4c1a924aac035fc857acf4c1c886
5269a4e27286754332aec877cf8ed4ab4cc13edcfc9351f203b080638793bfaf
550214f7b02c4461dfbb08dc321a2f487f21e70cd9ea3f135184bd25c75395ea
576e3e1b3a9f63f06af6ab002bc5d6f096db454b1c1024ca7790b12da8333247
6461a3f330c958a9aa9ff86b7a573074c0a27fce4d8a3c403207a823c4bd525e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
733488b7d99dbc6f65739172bbcff720f8ccb3cc8b485a3179c8f32c304adb49
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80bdae8ebb59d36c55ad0851232c377814c27cde8dff15e4bb35e658cbd1fe1b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
88cd304193a0d8e13f5211a8ae1e774c25536668971e11f2ada9023235ac5482
9cae3fbc36b699cfe2240ab9ae0d079280d56504ae03972506eb790e9687ece1
9e44ecc301fd6f08b8f6e48a451756b66effdf5ea7022cb8bbb67f12d41e7496
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a5b43ebebb44674128bee8be97e893868e07ca3d5512310a0c22fe975b7c2739
a85d8b163456d7f371e2b4a2abd4653ddf391f507568e11afad91f0d2710ac5c
ac312f622930f222ea25915848bd0349f415c69f2acc2d0c9200e8bfdefb136e
ae07f333b37b7ebbbe6114dcc8b2e991c890b88e2d7f42ac4d165aea288aa38d
b219c775b483ef8b92a2310b53c5066f2ccc661bf8126194efc49fa2febbe40d
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367
cbfb748b7d1bdad9f12817a1e8ea2876c7064a37b232dadb5394627cbaca9611
d3f97adaac61507a54e4d0e733dfa720bbd66a52f347a13d57f50ff14001731a
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0e6e2a301ea8e5884386e6780410150c1963082e8f39072361cda670e72558c
f2961ef025e9598bbc17229d642d373a9eb7feaa927ac1149a1bfc546d31caed
f62af75f7a4a4197d345dd36ce4c62e4a1b20edf4cf7a3ff8cdb9481aaffa37b
fb553c252905087c24217b25064ca49e7e875b1178f32c235633143a728d1add

www.safen2.co.za Open in urlscan Pro 154.0.160.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

0 %IPv6

12 Domains

17 Subdomains

18 IPs

3 Countries

3780 kBTransfer

5985 kBSize

4 Cookies

1 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.safen2.co.za Open in urlscan Pro
154.0.160.107 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

18
IPs

3
Countries

3780 kB
Transfer

5985 kB
Size

4
Cookies

52 HTTP transactions
2 data transactions