Submitted URL: https://tracking.attackiq.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSOBWGK2DBORZS433SM4XTE...
Effective URL: https://www.purplehats.org/2022/1886986?ref=sales
Submission: On March 31 via manual from SG — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 21 domains to perform 121 HTTP transactions. The main IP is 52.213.47.89, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.purplehats.org.
TLS certificate: Issued by R3 on February 20th 2022. Valid for: 3 months.
This is the only time www.purplehats.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.237.197.50 14618 (AMAZON-AES)
1 1 35.157.115.29 16509 (AMAZON-02)
5 52.213.47.89 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
46 143.204.98.51 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.111.234.67 16625 (AKAMAI-AS)
5 2a00:1450:400... 15169 (GOOGLE)
9 96.16.137.162 16625 (AKAMAI-AS)
2 108.128.132.86 16509 (AMAZON-02)
1 192.28.144.124 15224 (OMNITURE)
1 21 2a00:1450:400... 15169 (GOOGLE)
1 37.252.173.215 29990 (ASN-APPNEX)
1 151.101.2.137 54113 (FASTLY)
2 185.221.87.8 206998 (NEW-2)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:401... 15169 (GOOGLE)
7 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... ()
121 25
Apex Domain
Subdomains
Transfer
48 swoogo.com
assets.swoogo.com — Cisco Umbrella Rank: 104929
analytics.swoogo.com — Cisco Umbrella Rank: 182031
2 MB
21 youtube.com
www.youtube.com — Cisco Umbrella Rank: 92
832 KB
9 googlevideo.com
rr5---sn-5hnedn7e.googlevideo.com — Cisco Umbrella Rank: 106949
rr2---sn-5hnedn7e.googlevideo.com — Cisco Umbrella Rank: 97325
932 KB
9 6sc.co
j.6sc.co — Cisco Umbrella Rank: 7945
c.6sc.co — Cisco Umbrella Rank: 11644
b.6sc.co — Cisco Umbrella Rank: 5608
16 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
89 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
jnn-pa.googleapis.com — Cisco Umbrella Rank: 273
24 KB
5 purplehats.org
www.purplehats.org
52 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 346
1 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
46 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 7
14 KB
2 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 9892
1 KB
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3543
6 KB
1 google.de
www.google.de
548 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 207
2 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 396
18 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 436
708 B
1 mktoresp.com
041-fsq-281.mktoresp.com
311 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
31 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 652
33 KB
1 salesloft.com
app.salesloft.com — Cisco Umbrella Rank: 37128
536 B
1 attackiq.com
tracking.attackiq.com
267 B
121 21
Domain Requested by
46 assets.swoogo.com www.purplehats.org
assets.swoogo.com
21 www.youtube.com 1 redirects www.purplehats.org
www.youtube.com
7 rr2---sn-5hnedn7e.googlevideo.com www.youtube.com
7 b.6sc.co www.purplehats.org
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
5 www.purplehats.org www.purplehats.org
4 jnn-pa.googleapis.com www.youtube.com
3 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 fonts.googleapis.com www.purplehats.org
assets.swoogo.com
2 rr5---sn-5hnedn7e.googlevideo.com www.youtube.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 i.ytimg.com www.youtube.com
2 www.google.com 1 redirects www.youtube.com
2 bam.eu01.nr-data.net www.purplehats.org
2 analytics.swoogo.com www.purplehats.org
analytics.swoogo.com
2 munchkin.marketo.net www.purplehats.org
1 www.google.de
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 js-agent.newrelic.com www.purplehats.org
1 c.6sc.co www.purplehats.org
1 secure.adnxs.com www.purplehats.org
1 041-fsq-281.mktoresp.com munchkin.marketo.net
1 j.6sc.co www.purplehats.org
1 www.googletagmanager.com www.purplehats.org
1 code.jquery.com www.purplehats.org
1 app.salesloft.com 1 redirects
1 tracking.attackiq.com 1 redirects
121 28

This site contains links to these domains. Also see Links.

Domain
attackiq.com
www.vmware.com
www.westconcomstor.com
www.cisco.com
www.cybereason.com
Subject Issuer Validity Valid
www.purplehats.org
R3
2022-02-20 -
2022-05-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
assets.swoogo.com
Amazon
2021-08-17 -
2022-09-15
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA
2022-02-06 -
2023-02-07
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.6sc.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-08 -
2023-03-11
a year crt.sh
*.swoogo.com
Amazon
2022-02-18 -
2023-03-18
a year crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-30 -
2022-11-30
a year crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-06 -
2022-11-07
a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2021-05-24 -
2022-06-24
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-03-22 -
2022-05-31
2 months crt.sh

This page contains 2 frames:

Primary Page: https://www.purplehats.org/2022/1886986?ref=sales
Frame ID: 09AACB05FE5585BA6E05DFA5C8D58107
Requests: 82 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Frame ID: D7864B4DBE8050F0423A453B77E61915
Requests: 41 HTTP requests in this frame

Screenshot

Page Title

Purple Hats Conference

Page URL History Show full URLs

  1. https://tracking.attackiq.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSO... HTTP 302
    https://app.salesloft.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSO... HTTP 302
    https://www.purplehats.org/2022/1886986?ref=sales Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js

Overall confidence: 100%
Detected patterns
  • require.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]pjax(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

121
Requests

98 %
HTTPS

58 %
IPv6

21
Domains

28
Subdomains

25
IPs

4
Countries

4530 kB
Transfer

7316 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracking.attackiq.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSOBWGK2DBORZS433SM4XTEMBSGIXTCOBYGY4TQNR7OJSWMPLTMFWGK4Y=/w%20ww-purplehats-org-2022-1886986 HTTP 302
    https://app.salesloft.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSOBWGK2DBORZS433SM4XTEMBSGIXTCOBYGY4TQNR7OJSWMPLTMFWGK4Y=/w%20ww-purplehats-org-2022-1886986 HTTP 302
    https://www.purplehats.org/2022/1886986?ref=sales Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 118
  • https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220329&foc_id=fi_UinGlQYldPLv5hxQQfw&label=followon_view&ptype=no_rmkt&random=861171294 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220329&foc_id=fi_UinGlQYldPLv5hxQQfw&label=followon_view&ptype=no_rmkt&random=861171294&cv_attributed=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805 HTTP 302
  • https://www.google.de/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805&ipr=y

121 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1886986
www.purplehats.org/2022/
Redirect Chain
  • https://tracking.attackiq.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSOBWGK2DBORZS433SM4XTEMBSGIXTCOBYGY4TQNR7OJSWMPLTMFWGK4Y=/w%20ww-purplehats-org-2022-1886986
  • https://app.salesloft.com/t/102814/c/a2c6f026-19a4-4dfd-b44f-482e19418d1c/NB%202HI4DTHIXS653XO4XHA5LSOBWGK2DBORZS433SM4XTEMBSGIXTCOBYGY4TQNR7OJSWMPLTMFWGK4Y=/w%20ww-purplehats-org-2022-1886986
  • https://www.purplehats.org/2022/1886986?ref=sales
75 KB
23 KB
Document
General
Full URL
https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.213.47.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-47-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9590acf14b18361e545caab9ebf695bdc6a35a2ead2e555fbbf5da00d188570e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.swoogo.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
23058
content-security-policy
frame-ancestors 'self' *.swoogo.com
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 05:37:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
115
Content-Type
text/html; charset=utf-8
Date
Thu, 31 Mar 2022 05:37:54 GMT
Location
https://www.purplehats.org/2022/1886986?ref=sales
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-Id
d7e1133c596767a71bc6094a1959f901
X-Runtime
0.039666
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
390 B
387 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans+Mono:400,700,400italic,700italic
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bfea356d814656de562efbbc5a881e4a3df33dbfdd739d9869f749a7b029ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 05:37:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 05:37:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 05:37:54 GMT
css
fonts.googleapis.com/
3 KB
538 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700,400italic,700italic
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff58254ef9d37324a7918344de116b79d2865fb1764fda1eac443d9392ed2f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 05:37:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 05:37:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 05:37:54 GMT
bootstrap.min.css
assets.swoogo.com/plugins/bootstrap/
118 KB
119 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/plugins/bootstrap/bootstrap.min.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49818eb6e8fc8bc50a311235d1a35c3ecce3ae83e68a797e19dda9c1ec8263da
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
etag
"6dd7da78f6a2107277e06e5d2bed6326"
age
17609
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
121165
last-modified
Wed, 13 Jan 2021 17:41:19 GMT
server
AmazonS3
date
Thu, 31 Mar 2022 00:45:47 GMT
strict-transport-security
max-age=10368000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
FX6J90Ky4wUcGDrRkYd8ciRVC6qbMgIk1agKptIu8yxZaaPKtWLChQ==
fontawesome.css
assets.swoogo.com/assets/b24dcce0/css/
56 KB
13 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/css/fontawesome.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5c4de956709d8fad077c3b92c016ffa7a953069b12aab25c30055a6d8c6b4a1
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:03 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12314
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"6a5cd5f8817962d65ce01925c62914cd"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
ksUmHaaNswQw3rYULYzdR1dnAE8.T0.u
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
mjkvyHE35p2t2Aoaul8_uiDErjzLW2cX_-JM2TlWEsJ2-GCioAZ_Ig==
brands.css
assets.swoogo.com/assets/b24dcce0/css/
679 B
813 B
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/css/brands.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
323df35b2db77c08c86873f76dc26e4921b8119ed07dbfdadabe368321281e5d
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:03 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
320
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"ca6c61eafd34206b0a4b196b8ef7723a"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
psSrhNl8X1leJhf9WTwDr9rGskZnuPzS
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
5DFVSsooeYM8P_2BRCubFyJv6wpN18HAWiUUg389qYtVh7Wh5HUQ3A==
solid.css
assets.swoogo.com/assets/b24dcce0/css/
673 B
817 B
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/css/solid.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9973b8703454beb5c6b7801c00ee4965f7b7f5845001fd36da12740a19278331
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:03 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
324
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:59 GMT
server
AmazonS3
etag
"00c11c0a244e8163ad3c16eddf73aebe"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
8ycKjI2AzcopXCtIRCrBHNQ5XRGv_e0h
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
yakeF7VhwMorM5mF_EFlbj9t7CVf-FnaZaP8CMzfVDl8LPxz9elk4A==
regular.css
assets.swoogo.com/assets/b24dcce0/css/
681 B
813 B
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/css/regular.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98b3de613d3da9f56b58c810192d9399b9f06da61aa2cc3f277eb17ebb30d06f
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
320
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"d1a49381a3270d622c00233afa709b23"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
AhzcyqgzCyuMCLm9xjZwWO4zKa2u6bHi
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
GIhpPd5xM_KoKFoDrckVDEY8zpqrpVU-jTCZbkxiO1ZJpUdM9ant8g==
v4-shims.css
assets.swoogo.com/assets/b24dcce0/css/
34 KB
5 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/css/v4-shims.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a1ae5a2446212a499c40efef0f2af061b19798d5551599def4a5897a8c50c22
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4172
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:59 GMT
server
AmazonS3
etag
"5fc4cca35b886f73c68704aa0b66f9b9"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
5Mms65ZzjmCl74R7DOKXTjhyTVFLave1
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
Wwl3pF9eImF_H-ZUccvrN3fY5YcY5yi3iqR4Ajn_bTU9LqPD_1CsAg==
event-defaults.css
assets.swoogo.com/assets/5c24380f/
23 KB
5 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/5c24380f/event-defaults.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
558e57b950db14118dc8fae13f0392826ec280006a0de50ae8768f7836669adc
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:03 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5077
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:01 GMT
server
AmazonS3
etag
"f05c16c48f1d8a0c0191b846992705b3"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
KI6f5B_kdIlQtQaO6.y7PpnP0AB7iuGG
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
1eJe3EVnCg1FMqILNW_m1P6KYlSdZZfTWX4S6mIVdEgv3-iudkSpYA==
styles.css
assets.swoogo.com/themes/60928b6b02159/
10 KB
3 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/themes/60928b6b02159/styles.css?t=1620933180
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea450bc0ae18c708f6872d555cc4fec2a552ca347f67d620ee6cf7587ce9588d
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 22:46:37 GMT
content-encoding
gzip
age
3826278
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2432
access-control-allow-origin
*
last-modified
Thu, 13 May 2021 19:13:01 GMT
server
AmazonS3
etag
"7c8ec90fdd201188d82c5b0be3274b0e"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
G3MGEjE6OKimEm031_0capQra78ekWEFI0YtWOSOZgs8kAfMKo-S7Q==
expires
Fri, 06 Jan 2023 12:00:00 GMT
63388_colors.css
assets.swoogo.com/themes/colors/
1 KB
974 B
Stylesheet
General
Full URL
https://assets.swoogo.com/themes/colors/63388_colors.css?t=1644856862
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1a8fe66a6f5ebe0713479f99bf1029eebe90b8cf79552b7662b1dfca1100d49
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
content-encoding
gzip
age
2410919
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
442
access-control-allow-origin
*
last-modified
Mon, 14 Feb 2022 16:41:03 GMT
server
AmazonS3
etag
"e1af86ee103878082a4ccfc51186a5b4"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
1h3syN8DCTum0MNChBMFZ9uvjoNMqLAF
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
ejF2x-cVZdX8lgHwwr9GdLz7rl4eIlscxlT1sbgZOpd3asGY7bejOQ==
expires
Fri, 05 Jan 2024 12:00:00 GMT
jquery.pagewidget.fullscreen.css
assets.swoogo.com/assets/22887232/
545 B
793 B
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/22887232/jquery.pagewidget.fullscreen.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dc9da1456a9d1b563961d8d5e730e05318391e4e9f17a651f2d6636d0d83781
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:03 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
292
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:02 GMT
server
AmazonS3
etag
"20da340e5a5d244dc3a7c492c3cabae6"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
WFWI4bUHtTnHeopwF5_vPTN9r943pVHp
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
s8t-oDMHFgbmbl7pEBeW9-9MdPrRkGkqaboAgcjaK8Df5BCHvgrgyw==
pagewidget.video.css
assets.swoogo.com/assets/5f54b21f/
8 KB
2 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/5f54b21f/pagewidget.video.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b934ffa17ebd7ebe7ae8175fa445fc586ddc0febc3592ee29c4e7c28108dcf
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1834
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:02 GMT
server
AmazonS3
etag
"0f197f7ca99b39a365d4a4f434caf147"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
C6Iri7UpXPgfhb_894S8Fo0ikzlADdWV
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
v9gYW0SdrIhKa_ejZZMKZEgPEbFxfqZZeEuZK_eUoNMoQ_1TUq9S1w==
slick.css
assets.swoogo.com/assets/133ad202/
1 KB
999 B
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/133ad202/slick.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
496
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:03 GMT
server
AmazonS3
etag
"d22ca23bedc3269640f260f338f22ce3"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
YWLjGXSt1jZw8e_.nOZCkzYqyNMnAn63
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
C9x1TX8W0msAix-RMUssEP0mkSoUSVqTbZUlzS3thw4EGAxpLAZ5bQ==
slick-theme.css
assets.swoogo.com/assets/133ad202/
10 KB
6 KB
Stylesheet
General
Full URL
https://assets.swoogo.com/assets/133ad202/slick-theme.css
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444debb5933405d88d50dcec3fba08a4a243a7fc86b598e5ef1067e1f1a884b5
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5913
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:03 GMT
server
AmazonS3
etag
"1181f4603c8d3c5ecb9fd9eb480b005f"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
se50aJxheMyVf9gge4PnPr5PXejV7J2f
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
Xj3vZ3zqYEpObKPLdMztFm7OJEw6bTvdZI2N1eSriUY9vspZ-i3Npw==
jquery-1.12.4.min.js
code.jquery.com/
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://www.purplehats.org/
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:54 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-17b8b"
vary
Accept-Encoding
x-hw
1648705074.dop141.am5.t,1648705074.cds207.am5.hn,1648705074.cds302.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
__require.js
assets.swoogo.com/assets/43bca672/
26 KB
8 KB
Script
General
Full URL
https://assets.swoogo.com/assets/43bca672/__require.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b6ff148b1f52caeac2fbe88064ec6943e61e5f904c36e616d7cbf928ab4de49
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8131
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"eea83ec3c0cd85ab593ce04fb45de9a6"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
EGY7cNmh9RvKjJIlHUY1z2dgQhxxnl0b
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
4t51TJd5YyH0URLmFn1jGXGJ93BWeUKjK0KSTeG8vjt-_N5jv-dFKg==
js
www.googletagmanager.com/gtag/
79 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04aab5a78da6103b0a750a8c8e92eb7120d9401d7e73f39e06ecb0e6e0ec8a7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31654
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 31 Mar 2022 05:37:55 GMT
976338-605b5d690fc40.png
assets.swoogo.com/uploads/medium/
14 KB
14 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/976338-605b5d690fc40.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
956070bff75b9a6ccac9b189ab9bb32ce2e9acc00976c465b8bb56498a7a13eb
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 03:12:50 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2687106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
13984
last-modified
Wed, 24 Mar 2021 15:40:26 GMT
server
AmazonS3
etag
"5541920f8d1f803998e648b90c23ff5a"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
h9ytTIw4k_lwK630uSfxqwSRq04Bc-DWtCE6jCXdxzsR8sxgZxXMig==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1004985-607086e1956c7.png
assets.swoogo.com/uploads/medium/
8 KB
9 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1004985-607086e1956c7.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b721e3f12a4e9efd2b5acf2f554c9500d0c1d055441b8432a6059173a4f1a7c
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 03:12:50 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2687106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
8521
last-modified
Fri, 09 Apr 2021 16:54:58 GMT
server
AmazonS3
etag
"bde34d54f3049d55459962b416adc0cc"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
b6nOKCgsySPYseSV91hqa0xECsVCUdwRT4rNpoS4_FNuQioxEO0fug==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1598472-620d2c0dd56be.png
assets.swoogo.com/uploads/medium/
28 KB
29 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1598472-620d2c0dd56be.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
994cfb2453f3247cbca5049edd3f7ed81300b54e5addac2f8bb91f72ed952058
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
28759
last-modified
Wed, 16 Feb 2022 16:53:34 GMT
server
AmazonS3
etag
"607d2ac17a48fb7bc64313074efe90e4"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
aKnShhN_1uXP_mL.wvfDYNisKwIkcStk
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
03vjHKnYSZbVFWQP1A_aNvYRtWn9HHuVxsyhaR6CsokMcKiUGMYezw==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1618787-621d12309c646.png
assets.swoogo.com/uploads/medium/
238 KB
239 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1618787-621d12309c646.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0b082b526b1179517c27cac5df5ba1ff83f08f4c4484351437c325a66eb3779
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
243593
last-modified
Mon, 28 Feb 2022 18:19:30 GMT
server
AmazonS3
etag
"1c6adcb704086e2258beb945aa97c185"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
7gtbnPvyseukBkGPqCm8wj2GF.zMfZEW
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
0Bc1eN7kFvUV0N13ZhZQianv0hnQAtWqGCyibIuzNZAd_liUbgAkAg==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1610419-62167fa71ca91.png
assets.swoogo.com/uploads/medium/
294 KB
295 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1610419-62167fa71ca91.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e92a55b56f20bc0d8ab01db1a472bd8fa705079f9fb39dd8999442f15ec34180
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
301396
last-modified
Wed, 23 Feb 2022 18:40:40 GMT
server
AmazonS3
etag
"6ece8669e18da09f74298c9e697e6188"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
5gK4lzyDowd0.2f0JNMPuG6FV_k9I8ng
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
yepTpyiSCMPUU8y8mGcB9AYl3GQhCVrNvQrkz3GHji9pPmxDedj4-Q==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1605756-6213cfc6afd90.jpeg
assets.swoogo.com/uploads/medium/
54 KB
54 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1605756-6213cfc6afd90.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acbe8bb374e102d56ad57e2ccd2a48065c361aea1251465016f2c3489680dd86
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
55021
last-modified
Mon, 21 Feb 2022 17:45:44 GMT
server
AmazonS3
etag
"0783f22803ccc507936625b4597f1d3b"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
5oI81paTFaYlojIGgVZnnz_91qmKc6AT
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
8PNY8WtZ_8G4fBdBeSDHyPHJbuIYMUauvWggbXYfp4a0Y-P6zsL_Cg==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1660452-6238c5b6308d7.jpeg
assets.swoogo.com/uploads/medium/
40 KB
40 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1660452-6238c5b6308d7.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abb86b522ccf299a1161e11fdc9c42fc2a51febad7643b2e26fc7e26d42b27ec
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 18:54:34 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
816201
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
40781
last-modified
Mon, 21 Mar 2022 18:36:39 GMT
server
AmazonS3
etag
"f4c22840598c093c7a0cba85d8abc60d"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
n0OljqbSYALB3debm5g2xry8wqg0GlLA
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
acHiSxbQ5unlB_PxWCVTHrflRergKUivEE_zUBUoSXJnP59o_GWBVw==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1622639-621e9b1c81019.jpeg
assets.swoogo.com/uploads/medium/
39 KB
40 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1622639-621e9b1c81019.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76271c219e0f6737aa77fcaa966949f937ae672f70c87c4ed3aa6d90c1eb987e
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
40141
last-modified
Tue, 01 Mar 2022 22:15:57 GMT
server
AmazonS3
etag
"c2aa18e4f814660555a105cf57203d60"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
F45Jn.QV8mkhsxz3fC0C_BiH.Rjpe0p3
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
UKycFNsee10TLsyLP8qivq417zOuAYI5MgO8J0ICPylm_VyG4BJeDQ==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1619002-621d203d302d3.jpeg
assets.swoogo.com/uploads/medium/
30 KB
30 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1619002-621d203d302d3.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afd76d92df383af11d99ebcfb2505d01533473f174afe80a95106d81502ecae
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:24:35 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
641601
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
30656
last-modified
Mon, 28 Feb 2022 19:19:26 GMT
server
AmazonS3
etag
"64fed8b542908771b1957acb3673be51"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
leDMVJ8l.fIIGg7qel4zqHRlrOM8kMvo
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
G8oTEjvbxv1uXVK4e1I06jf2Fg20y3ctiVotlwm7rdQgKhy-f0-9FQ==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1109668-60998b76b7312.jpeg
assets.swoogo.com/uploads/medium/
34 KB
35 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1109668-60998b76b7312.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e7a69def4ac0576b07ae8db6105f4c8fc446365677ead77cbf460d99097fcd8
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
35207
last-modified
Mon, 10 May 2021 19:37:27 GMT
server
AmazonS3
etag
"79885a7a3e3a6bf98592bd3800b319e5"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
dK7JMiMEA0-vZXDXFWvsEDWqsmo3J9g5nwSOOsKYlM8lEBa-elIrhg==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1629166-62221a1ecd206.jpeg
assets.swoogo.com/uploads/medium/
30 KB
30 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1629166-62221a1ecd206.jpeg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c206f7df00427ea7fcb3f29da32162c1f19e2fa6ded9972e5a9ef4c1e6caae6e
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 04 Mar 2022 13:54:48 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2302988
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
30554
last-modified
Fri, 04 Mar 2022 13:54:40 GMT
server
AmazonS3
etag
"095692cd63c9f5c60773674dafd0c19e"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
n9Ot.BlnGkYybtwcsaIGJkuhPrz.koM.
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
EM2ByFgQVkF1drg2Q4BgflGkkjDmTYh98wBh5gPjV45dsj5TgwfE5Q==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1080112-608ad322b9121.png
assets.swoogo.com/uploads/medium/
220 KB
221 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1080112-608ad322b9121.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1bc3c879afb512e3d7c0d7f1ef82b149e74522978a5fb22c3a5ca073e3ccfab
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 03:12:50 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2687106
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
225539
last-modified
Thu, 29 Apr 2021 15:39:15 GMT
server
AmazonS3
etag
"eafcdc426b8d300173227b11396a7b61"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
1AKzjGDt0ig3Wgm2AmRUaakSZSsldwDSWyM1Fc6ETcCwVidKh4n6BA==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1092230-609027188c6e9.jpg
assets.swoogo.com/uploads/medium/
31 KB
32 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1092230-609027188c6e9.jpg
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d599cf0e5542624f0cf04477580183797bf185d07cfa16456fff60249b5b5bd
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
31807
last-modified
Mon, 03 May 2021 16:38:52 GMT
server
AmazonS3
etag
"65347519fa2721396ccd1d91a7107bc7"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
PnP0jap_giu9NZFh3ADF5vG1A24xF0vYOhJ_lYEKRDUynWSoZf116Q==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1642160-622a7863066de.png
assets.swoogo.com/uploads/medium/
52 KB
53 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1642160-622a7863066de.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc81173caf406366a50f5ab3c4a281d6e626a4d83a03f360fdde50613561cf32
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 10:44:52 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
1450384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
53491
last-modified
Thu, 10 Mar 2022 22:15:00 GMT
server
AmazonS3
etag
"b2577ac9f86141601d00ede3323194c9"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
flt8iGTWzHC8JMSn.vuCi6PHWfhvOwEm
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
xVrmT3Oa7HsF6uUteZbf1_Cjyijexzky9fqMt-UWCecxZr_ctQrAog==
expires
Fri, 05 Jan 2024 12:00:00 GMT
1113971-609b24a514835.png
assets.swoogo.com/uploads/medium/
7 KB
7 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1113971-609b24a514835.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7aa1f8ef655b51c2b76627c6bff3ef4285432d10d8f80ffdea24d2d60638410d
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:45:51 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
1417925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
6664
last-modified
Wed, 12 May 2021 00:43:18 GMT
server
AmazonS3
etag
"0366e79bc1a35dfb9f14013ba5e58288"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
T22dQDEtAEx9BoTxrHCCiTLa_FWCopgpVr722dcviRQLilKjhuqvFA==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1081658-608b1b48577fa.png
assets.swoogo.com/uploads/medium/
35 KB
35 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1081658-608b1b48577fa.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52b3dbcab4deee35efea7242d1db50ef0e601db61ff7de15bfd6b91893840b90
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:45:51 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
1417925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
35578
last-modified
Thu, 29 Apr 2021 20:47:05 GMT
server
AmazonS3
etag
"83d5e3d290856ee02426474dd15b6538"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
PULJ-S2dZ8uZibhyjzzECNerWi3njxCnlNSOZqkF4Vk8X8UZ5kbyrg==
expires
Fri, 06 Jan 2023 12:00:00 GMT
1113944-609b2093dc29b.png
assets.swoogo.com/uploads/medium/
16 KB
17 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/medium/1113944-609b2093dc29b.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48671d5e657e79430ef378563c1b0c1095cc35739b31b29de3c3fafcb1d16e61
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 10:44:52 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
1450384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
16663
last-modified
Wed, 12 May 2021 00:25:56 GMT
server
AmazonS3
etag
"a51af7d7d48310b80f391ad17ccb74c0"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
uiD91jL0mkI2euWT1n9seO3nY-pFKi0KW202A25A0K4fAX97RkQ4qw==
expires
Fri, 06 Jan 2023 12:00:00 GMT
pagewidget.video.matomo.js
www.purplehats.org/plugins/pagewidget-video/
7 KB
2 KB
Script
General
Full URL
https://www.purplehats.org/plugins/pagewidget-video/pagewidget.video.matomo.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.213.47.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-47-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8e7e3b4c83abe69b47adf289cd921f8fef5ce2b253037bbc52bcd977de0ee106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/2022/1886986?ref=sales
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Mar 2022 10:31:14 GMT
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2075
x-xss-protection
1; mode=block
yii.js
assets.swoogo.com/assets/e08f60ad/
8 KB
3 KB
Script
General
Full URL
https://assets.swoogo.com/assets/e08f60ad/yii.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbf337bda1aeaa58f8febcc5c51bbb69653767b742eda89e27806c5ee0fcbf4d
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2858
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"944786af9b5a15b8acf042a4a010016f"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
qez0HvT2_pupdvOtQUSJrkAlhoy3sL2Q
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
taTnvoR6LO_AyL2el3FIi5Ff9ibC3unaoNp1GoyyD18rWOwqqA_T4g==
bootstrap.min.js
assets.swoogo.com/plugins/bootstrap/
39 KB
39 KB
Script
General
Full URL
https://assets.swoogo.com/plugins/bootstrap/bootstrap.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef889a83c52a2b5760c9613d699f81044475da8de2dbd3b29020f959d31e78e
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
etag
"b37a0c230d016a2024a6e3fc3fc7706f"
age
6868
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39553
last-modified
Wed, 13 Jan 2021 17:42:38 GMT
server
AmazonS3
date
Thu, 31 Mar 2022 03:43:27 GMT
strict-transport-security
max-age=10368000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
8u3vdYloMuVg3UQNlAko-16n911HxlMMWCOYqkv5XEk341z3MiI39w==
jquery-with-js.js
assets.swoogo.com/assets/2104309b/
2 KB
1 KB
Script
General
Full URL
https://assets.swoogo.com/assets/2104309b/jquery-with-js.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fae23379fab243ff72affe4dba671939a3ce4ca48b6cc22d19848246cd2f23a
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
661
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:00 GMT
server
AmazonS3
etag
"0a93b4160655d6fb2b38c99be74627bc"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
I99MUQTMcg9smUdE6gstVqoe4JrELjf8
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
dS9eH0knKjcyTVZv-NuoYCfjiRi3sBJKyL4YMjWiuINQG9Q05XkIJQ==
event-scripts.js
assets.swoogo.com/assets/c5fbc60c/
9 KB
3 KB
Script
General
Full URL
https://assets.swoogo.com/assets/c5fbc60c/event-scripts.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1471a81caab3649c381e4da8e43cc47d38a46a99ff582c5760599ed26e56910a
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3055
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:01 GMT
server
AmazonS3
etag
"72a7ef5bbcd6dce1399685178d26bfc4"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
5RquIyYW7b27ypp8fVbtSyTIJ.7vRjTz
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
rW1_8f6QMYqHRjlX_DBPEMJriRdsBB8JT11tN8bdj5RMs7iCKNmRNQ==
registrant-inline-updates.js
assets.swoogo.com/assets/b4775f69/
11 KB
3 KB
Script
General
Full URL
https://assets.swoogo.com/assets/b4775f69/registrant-inline-updates.js?
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
474bc01b816fe1be01c353b85553534a24263993910100ec439ae2b8c5b0ee1b
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2876
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:01 GMT
server
AmazonS3
etag
"42cdac24047fdf6d50838b3b2dded128"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
_8TJgpP9CzAC4Mg11HuH4nMr8t0TFEL0
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
DNlUmQUjB9qk3dENI6Fe6A4jXXkVizOA_mFQXji3JLtgZFT7hmwqKw==
yii.activeForm.js
assets.swoogo.com/assets/e08f60ad/
15 KB
4 KB
Script
General
Full URL
https://assets.swoogo.com/assets/e08f60ad/yii.activeForm.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53470daec64c57eec6c76a19ea16c564befd0ded7fb0a55c72457e2f613325eb
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4038
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"ba23f1c2276c29908226bf1b9ffe16dd"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
rO6GGheYtgh0j_dmDWeP1xf64CBWK4_2
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ySgwP9TlQpTNjA28JfcaNjQOJZVzpslgdi1V6ooLiFkT_grtDlndmQ==
isInViewport.js
assets.swoogo.com/assets/3df0fae3/
3 KB
2 KB
Script
General
Full URL
https://assets.swoogo.com/assets/3df0fae3/isInViewport.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf6aa5383f6f0552f365607a330665077f9bc0d52681318919a5a3a510040187
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1280
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"7a1a4f3a85ccc3ea62b58021144606c1"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
xCqlZ773bgEfFYIPUl0wVGghp3JOBFNc
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
4klOQCh6b5LAFyjH2dJgG2Inx6dHwEWuGD85J7KJv0r9n9s8G75f_Q==
pagewidget.base.js
assets.swoogo.com/assets/c4898adb/
388 B
751 B
Script
General
Full URL
https://assets.swoogo.com/assets/c4898adb/pagewidget.base.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51f5dabe4b735235222884fcb1dcfb76d5f34b00993cc075d4f206abaf778d4a
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
248
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:57 GMT
server
AmazonS3
etag
"febbe4b5e3c71f9f09d6b021c3a3272a"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
p1RzlWygRU9xhx811TddghiGoJYC5OCP
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
WckZbO-t3d9OllT4BRy7MIoB--z0bR07v-Nql6GlYNnJgkyexFwKQg==
jquery.pagewidget.fullscreen.js
assets.swoogo.com/assets/22887232/
2 KB
1 KB
Script
General
Full URL
https://assets.swoogo.com/assets/22887232/jquery.pagewidget.fullscreen.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8c6ae53a1ddf8cb7493b42cc87ea8b841139522cf705c4178aaeb14d360ab37
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
734
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:02 GMT
server
AmazonS3
etag
"bbddc26d84b110dacb733c2409f0f223"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
woAZoR.EcphdL1Zmv.UEZJU_7dqmRzos
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
uIXqRWcJiEwJQkykHd02o7e2VMCrPLk4mg7EM32VdbrV6Rw_Er51Wg==
pagewidget.video.js
assets.swoogo.com/assets/5f54b21f/
11 KB
3 KB
Script
General
Full URL
https://assets.swoogo.com/assets/5f54b21f/pagewidget.video.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8899ea98437beaf1f306f36c3393c837c26af49d9d1b5241adc837862105944f
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2881
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:02 GMT
server
AmazonS3
etag
"c6db96930b4ae7cab1298c17b0ac850d"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
rASOGUwGVsFEOCLa14FTs57.PZ9nqC2j
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
AWPfbBVt9h8U1OpVzuBm-IpoRvFYQbUIaaXjnMcWKjfQdE_FsRJTng==
jquery.pjax.js
assets.swoogo.com/assets/d63aa0e/
14 KB
5 KB
Script
General
Full URL
https://assets.swoogo.com/assets/d63aa0e/jquery.pjax.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bab86fbd31010971d7243c4cf9c7cb6773bab3dda4517c588b96f8482c1424e0
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4694
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:57:58 GMT
server
AmazonS3
etag
"cb6f9af8330b22d8b3b33632fa6e2b19"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
XJZJ_cqs3tXi0Qdecp5FPwTDPXub4Rlm
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
3zBqpodTQQA89cB3fA0ssGUpk8yZQKge6sq6aCtJF7Il_RQMTRUZ1Q==
slick.min.js
assets.swoogo.com/assets/133ad202/
42 KB
11 KB
Script
General
Full URL
https://assets.swoogo.com/assets/133ad202/slick.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d6fcc49f0d1e0b04ac7ac2561cc91ce6ad72f242f81b3b9bd3ae30cf045b935
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
10339
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:03 GMT
server
AmazonS3
etag
"be87eacdf5e9c0f8c259a0644221a4a2"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
Yx8DHjoGDgS6U.4IGT9NkxGeefMPhZjf
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ig6kRz1h9ScDX421L85t861MgeSLATOiXRhxeDzJeEXKlJyl5fYuJA==
lodash.min.js
www.purplehats.org/js/
72 KB
24 KB
Script
General
Full URL
https://www.purplehats.org/js/lodash.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.213.47.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-47-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
afb79be67eddcef3307f711a2f7b7acdf14f1b37c24ce4a7f966ca47c33dcbe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/2022/1886986?ref=sales
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Mar 2022 10:31:13 GMT
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
24312
x-xss-protection
1; mode=block
jquery-carousel-widget.js
assets.swoogo.com/assets/4bd2cf57/
1 KB
1 KB
Script
General
Full URL
https://assets.swoogo.com/assets/4bd2cf57/jquery-carousel-widget.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7231474216289e9f5a8e370977c77604a2295c0b29e3aeb653437a7422a405a
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:04 GMT
content-encoding
gzip
age
59992
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
584
access-control-allow-origin
*
last-modified
Wed, 30 Mar 2022 12:58:02 GMT
server
AmazonS3
etag
"4db991ef6b80bdb6ab628edb934e24b8"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
Bp020BCTSK9Hs3R5p8FCadRGyEVttb0D
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1A8S4n04TwDa8Z-3ywkkT5TNZp2nIN_CT2XgIPJs5Uu1Wy8UqEsNUA==
css
fonts.googleapis.com/
766 B
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web&display=swap
Requested by
Host: assets.swoogo.com
URL: https://assets.swoogo.com/themes/60928b6b02159/styles.css?t=1620933180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a22bb1f9e2f7b93dc28fe17ca5ca885f10432e6c635aeaca29a2ea66d9d337e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://assets.swoogo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 04:27:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 05:37:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 05:37:54 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 01:24:07 GMT
Server
AkamaiNetStorage
ETag
"461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
1598476-620d2c0e6884f.png
assets.swoogo.com/uploads/full/
895 KB
897 KB
Image
General
Full URL
https://assets.swoogo.com/uploads/full/1598476-620d2c0e6884f.png
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9265508b25c24828adfd406d749290206c8502d43fc24406957e9084777f8fd9
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 07:55:56 GMT
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age
2410920
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
content-length
916926
last-modified
Wed, 16 Feb 2022 16:53:35 GMT
server
AmazonS3
etag
"517213e0259cd369069ab90db595294c"
strict-transport-security
max-age=10368000; includeSubDomains
x-amz-version-id
2INzv2hosnbHI2sCoibQF3B8a7OyKpU.
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
h_rSCje5GGyFPW85jgJS5YK-e415SVb_2Nuiybj5-wGNEzqYX42zDw==
expires
Fri, 05 Jan 2024 12:00:00 GMT
6NUO8FuJNQ2MbkrZ5-J8lKFrp7pRef2r.woff2
fonts.gstatic.com/s/droidsansmono/v19/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsansmono/v19/6NUO8FuJNQ2MbkrZ5-J8lKFrp7pRef2r.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans+Mono:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8e7108949ee83e8eeadd9cd0ed0f98bd8870f2afa75c26ccdc9e795fb58e30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:36:28 GMT
x-content-type-options
nosniff
age
201687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18400
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 19:48:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 28 Mar 2023 21:36:28 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v14/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:42:44 GMT
x-content-type-options
nosniff
age
35711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12372
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:42:44 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v14/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:47:24 GMT
x-content-type-options
nosniff
age
35431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11796
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:47:24 GMT
NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
fonts.gstatic.com/s/titilliumweb/v14/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/titilliumweb/v14/NaPAcZTIAOhVxoMyOr9n_E7fdMbWD6xW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:50:59 GMT
x-content-type-options
nosniff
age
35216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13792
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:50:59 GMT
6si.min.js
j.6sc.co/
31 KB
10 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5c447a7b66fdc0719190c468e707f259cd0252ed92cbd3a9f74c2f710de260f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9839
Pragma
no-cache
Last-Modified
Wed, 23 Mar 2022 23:40:16 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"623bafe0-7ae9"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Thu, 31 Mar 2022 05:37:55 GMT
matomo.js
analytics.swoogo.com/
94 KB
29 KB
Script
General
Full URL
https://analytics.swoogo.com/matomo.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.132.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-132-86.eu-west-1.compute.amazonaws.com
Software
WebServer /
Resource Hash
a0ad4399164c36c2110cb392e378ceb14216124fcba0e5a449631c6a1515b0d0
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 14:12:04 GMT
server
WebServer
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=10368000; includeSubDomains
accept-ranges
bytes
content-length
29353
x-xss-protection
1; mode=block
munchkin.js
munchkin.marketo.net/161/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/161/munchkin.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 00:38:21 GMT
Server
AkamaiNetStorage
ETag
"0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4681
Expires
Sat, 09 Jul 2022 05:37:55 GMT
truncated
/
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
visitWebPage
041-fsq-281.mktoresp.com/webevents/
2 B
311 B
Ping
General
Full URL
https://041-fsq-281.mktoresp.com/webevents/visitWebPage?_mchNc=1648705075162&_mchCn=&_mchId=041-FSQ-281&_mchTk=_mch-purplehats.org-1648705075162-63811&_mchHo=www.purplehats.org&_mchPo=&_mchRu=%2F2022%2F1886986&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=ref%3Dsales
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
5f012a7d-e860-44ae-8406-f5b84fe02434
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api?noext
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a7bad30413284d0726b27dfe27b7674760c086d3a8486c6483bb0ea156fbebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 31 Mar 2022 05:37:55 GMT
getuidj
secure.adnxs.com/
11 B
708 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 05:37:55 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c57d546f-e749-4a40-a226-1c22d9a52002
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.purplehats.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
11
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
47 B
374 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4bb4d3b951b7fb70c5d9c8d6add583463b7c6f3d8eea943234532adaac5c697

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.purplehats.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
47
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A55%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
matomo.php
analytics.swoogo.com/
0
212 B
Ping
General
Full URL
https://analytics.swoogo.com/matomo.php?action_name=Purple%20Hats%20Conference&idsite=10306&rec=1&r=805413&h=5&m=37&s=55&url=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&_id=ab98d48eeb3d24be&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=1886986&dimension2=&dimension3=&dimension4=1886986&dimension5=&dimension6=&dimension7=63391&pv_id=mnwZOf&pf_net=117&pf_srv=549&pf_tfr=1&pf_dm1=296
Requested by
Host: analytics.swoogo.com
URL: https://analytics.swoogo.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.132.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-132-86.eu-west-1.compute.amazonaws.com
Software
WebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.purplehats.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.purplehats.org
date
Thu, 31 Mar 2022 05:37:55 GMT
access-control-allow-credentials
true
server
WebServer
strict-transport-security
max-age=10368000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
www-widgetapi.js
www.youtube.com/s/player/1d26561d/www-widgetapi.vflset/
151 KB
49 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7485cde099ad9f6a8e35311c26f1038007eac35ac8c8ff4639cf2bf528b51e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
49516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50186
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:39 GMT
youtube.js
www.purplehats.org/plugins/pagewidget-video/players/
10 KB
2 KB
Script
General
Full URL
https://www.purplehats.org/plugins/pagewidget-video/players/youtube.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.213.47.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-47-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1441847dfad3fb14745c9558f0fe3d4faef872e82c5c9a42353a20ad9c86816d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/2022/1886986?ref=sales
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Mar 2022 10:31:14 GMT
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
1981
x-xss-protection
1; mode=block
base.js
www.purplehats.org/plugins/pagewidget-video/players/
2 KB
665 B
Script
General
Full URL
https://www.purplehats.org/plugins/pagewidget-video/players/base.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.213.47.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-47-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c71b83d5c714f245500548cae7b7ba3e1d95d319ea9a5765dec6bf086de5a614
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/2022/1886986?ref=sales
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Mar 2022 10:31:14 GMT
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
410
x-xss-protection
1; mode=block
nr-spa-1215.min.js
js-agent.newrelic.com/
47 KB
18 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding
gzip
etag
"7e1862f7a390ed9fc02c299216395547"
x-amz-request-id
E3807YWQHPQZ8YJZ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17465
x-amz-id-2
5tcVSTKzkfPEZbNMMs+Dplhb/d0xmPHl6ly9DhZlkXi7DMq5iwlmuwUDWB4WFuI4jhXJxdstiws=
x-served-by
cache-hhn4074-HHN
last-modified
Mon, 24 Jan 2022 22:13:54 GMT
server
AmazonS3
x-timer
S1648705075.458015,VS0,VE0
date
Thu, 31 Mar 2022 05:37:55 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
8160
NRJS-e5440ff4a5c913130a9
bam.eu01.nr-data.net/1/
49 B
754 B
Script
General
Full URL
https://bam.eu01.nr-data.net/1/NRJS-e5440ff4a5c913130a9?a=184599985&v=1215.1253ab8&to=MhBSZQoZD0AFVUZQVwtac0QLDA5eS1BAVlYREF5VVwsIRwEZV09dCwE%3D&rst=2058&ck=1&ref=https://www.purplehats.org/2022/1886986&ap=470&be=1436&fe=2025&dc=1710&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1648705073413,%22n%22:0,%22f%22:743,%22dn%22:744,%22dne%22:772,%22c%22:772,%22s%22:799,%22ce%22:860,%22rq%22:860,%22rp%22:1409,%22rpe%22:1410,%22dl%22:1413,%22di%22:1709,%22ds%22:1709,%22de%22:1737,%22dc%22:2023,%22l%22:2024,%22le%22:2027%7D,%22navigation%22:%7B%7D%7D&fp=1608&fcp=1608&at=HldRE0IDHE4%3D&jsonp=NREUM.setToken
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.8 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
cross-origin-resource-policy
cross-origin
x-envoy-upstream-service-time
4
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6f46bc648fb9910c-FRA
NRJS-e5440ff4a5c913130a9
bam.eu01.nr-data.net/events/1/
24 B
540 B
XHR
General
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-e5440ff4a5c913130a9?a=184599985&v=1215.1253ab8&to=MhBSZQoZD0AFVUZQVwtac0QLDA5eS1BAVlYREF5VVwsIRwEZV09dCwE%3D&rst=2561&ck=1&ref=https://www.purplehats.org/2022/1886986
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.8 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.purplehats.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 31 Mar 2022 05:37:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.purplehats.org
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
Connection
keep-alive
CF-Ray
6f46bc64d816910c-FRA
Content-Length
24
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A56%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A55%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:56 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
Boo35iJ9UFw
www.youtube.com/embed/ Frame D786
60 KB
25 KB
Document
General
Full URL
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Requested by
Host: www.purplehats.org
URL: https://www.purplehats.org/2022/1886986?ref=sales
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb688777dc4f7be201b792c42c3dcef1b22eabc1ceeb607f9b3ca7b24bc0e578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 31 Mar 2022 05:37:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
www-player.css
www.youtube.com/s/player/1d26561d/ Frame D786
345 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/1d26561d/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47394
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:24 GMT
www-embed-player.js
www.youtube.com/s/player/1d26561d/www-embed-player.vflset/ Frame D786
279 KB
86 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
756421cc354ab978e42282704f697a85672375564dafe44aa8bfee804f0b044c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
49532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88081
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:24 GMT
base.js
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame D786
2 MB
525 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
906fe4e561f73b867384c6112552d84cfa411aac913b2a14c80e58da7bd5287e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
49512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
537359
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:44 GMT
fetch-polyfill.js
www.youtube.com/s/player/1d26561d/fetch-polyfill.vflset/ Frame D786
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
49529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D786
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 17:06:41 GMT
x-content-type-options
nosniff
age
131475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 17:06:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame D786
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c13f05d3b6e477d1a4f306880484625f16821353ca252a39566a830c6fb2931d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 31 Mar 2022 05:37:56 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame D786
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:23:11 GMT
x-content-type-options
nosniff
age
885
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 05:38:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 31 Mar 2022 05:37:56 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D786
45 KB
22 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8592216985573a4b9826a3e790ab18d1af0f3bf2ef82c3e2a88d16c75170dc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22334
x-xss-protection
0
remote.js
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame D786
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee4cf6b7d891f8123889b9a923d166368abf8bd7a2c23f14ed0b0c61e70645c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
49511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37758
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:45 GMT
F4H8aiztoj5xLfni1i1MBaMAPowxvXsPAS-BwGrxuQ8.js
www.google.com/js/th/ Frame D786
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/F4H8aiztoj5xLfni1i1MBaMAPowxvXsPAS-BwGrxuQ8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1781fc6a2ceda23e712df9e2d62d4c05a3003e8c31bd7b0f012f81c06af1b90f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 14:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
227523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13778
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 14:25:53 GMT
embed.js
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame D786
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
707195cfa915801604801e3c06d2a7cbb158405244e951440cb4a134ea8e3cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
49511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8138
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:52:45 GMT
truncated
/ Frame D786
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
N8qCmAstd-ASxmQPP73RFqGi_Vk7b2mbKEXI98Eux1aSKTvu9pN-mYRH4ufTyD7ntwUfVm75eQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D786
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/N8qCmAstd-ASxmQPP73RFqGi_Vk7b2mbKEXI98Eux1aSKTvu9pN-mYRH4ufTyD7ntwUfVm75eQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
55423546115f8b885bb7eda8541951b882ca0461fef56d90912f0a043c1a162b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1751
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 30 Mar 2022 17:48:22 GMT
sddefault.webp
i.ytimg.com/vi_webp/Boo35iJ9UFw/ Frame D786
41 KB
42 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/Boo35iJ9UFw/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65297c4942f001eb0202e75ae76c4ee78351076bb7fa43c1f2b95ae5641d442c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42282
x-xss-protection
0
server
sffe
etag
"1647628221"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Mar 2022 07:37:56 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame D786
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 05:37:56 GMT
player
www.youtube.com/youtubei/v1/ Frame D786
54 KB
19 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d41d354912c972f8d8929be4e61d2fb23d25e71a7835fb2476ebd68ed9a3a318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220329.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
X-Goog-Visitor-Id
CgtMdGdXcDlxZENUWSi0_JSSBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 31 Mar 2022 05:37:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19766
x-xss-protection
0
expires
Thu, 31 Mar 2022 05:37:56 GMT
truncated
/ Frame D786
275 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0a2e1755c774f1f301ff3b5206ce2545886cb3cca18ecfa7bdcbbe3d1cf8fb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame D786
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?7PtlwQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/100/ Frame D786
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/100/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15463
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 16:04:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 31 Mar 2022 16:08:52 GMT
qoe
www.youtube.com/api/stats/ Frame D786
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=iOjEolB1TEyLt9tk&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24169726%2C24180015&cl=438113574&seq=1&docid=Boo35iJ9UFw&ei=ND5FYv-HOLvNx_APw_6ToAM&event=streamingstats&plid=AAXbfRBzZAvUOC4Q&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBoo35iJ9UFw%3Fwmode%3Dtransparent%26controls%3D1%26enablejsapi%3D1%26playsinline%3D1%26origin%3Dhttps%253A%252F%252Fwww.purplehats.org%26loop%3D1%26widgetid%3D1&cbr=Chrome&cbrver=100.0.4896.60&c=WEB_EMBEDDED_PLAYER&cver=1.20220329.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.130:B,0.130:B&cmt=0.006:0.000,0.130:0.000&afs=0.130:251::i&vfs=0.130:243:243::r&view=0.130:463:260&bwe=0.130:130000&bat=0.130:1:1&vis=0.130:0&bh=0.130:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:37:57 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr5---sn-5hnedn7e.googlevideo.com/ Frame D786
1 KB
2 KB
XHR
General
Full URL
https://rr5---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=video%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=1682310&dur=46.379&lmt=1647898114355367&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAInL0h9cvwLf02MK_GOjv0PX3RrYp9Fdo2LHPlX0rmZzAiEA7p0KzZQYyPfhp1aJcfjy7Xcaw25g6XlWf1bocyyPJEg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&range=0-88104&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401c:14::b , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
db3836e001a14f350bc357f14daf5ee8e210a25446d8ad42c8dc8e985047115a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:57 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1099
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Thu, 31 Mar 2022 05:37:57 GMT
videoplayback
rr5---sn-5hnedn7e.googlevideo.com/ Frame D786
1021 B
2 KB
XHR
General
Full URL
https://rr5---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=251&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=audio%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=743805&dur=46.401&lmt=1647898108476911&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKoSxLUQjuq-wv403uDPYvtYbO64-439jq50QBlofB_vAiB7GG7fljqc8LlW4GXFYDGqpZQWthqtKghH3ktaYgZ_uQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&range=0-65884&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401c:14::b , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
dd60525df1ab7d6b8bc7a617dd1219d316b8ca2acf0d3558fbe1486fbf2eae7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:57 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1021
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21299
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Thu, 31 Mar 2022 05:37:57 GMT
endscreen.js
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame D786
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c4ac379a4fd8582c3e0d8555396dfb1de53fdc9c8d2e0c6c4225744c5b1fa85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:55:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
49320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7259
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:55:57 GMT
annotations_module.js
www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/ Frame D786
68 KB
20 KB
Script
General
Full URL
https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be53a3440980c005a7ad1c2f0b019fb36a3b60229f2634a0ff2b13d8c117121a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
49177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20176
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 00:29:08 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 Mar 2023 15:58:20 GMT
next
www.youtube.com/youtubei/v1/ Frame D786
29 KB
5 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
73f4827aa27c09bb61619ab2d7b364295993aaa731e92ece5f48e9ea636ff043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220329.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
X-Goog-Visitor-Id
CgtMdGdXcDlxZENUWSi0_JSSBg%3D%3D
Content-Type
application/json

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4861
x-xss-protection
0
expires
Thu, 31 Mar 2022 05:37:57 GMT
featured_channel.jpg
i.ytimg.com/an/fi_UinGlQYldPLv5hxQQfw/ Frame D786
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/an/fi_UinGlQYldPLv5hxQQfw/featured_channel.jpg?v=60de2b29
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e235019cf3d899c242fb0065c20ffdb2027b18d2f9ca58ff9025749e3273be94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3812
x-xss-protection
0
server
sffe
etag
"1625172777"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 31 Mar 2022 07:37:57 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
86 KB
86 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=video%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=1682310&dur=46.379&lmt=1647898114355367&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAInL0h9cvwLf02MK_GOjv0PX3RrYp9Fdo2LHPlX0rmZzAiEA7p0KzZQYyPfhp1aJcfjy7Xcaw25g6XlWf1bocyyPJEg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=0-88104&rn=3&rbuf=0&altitags=242%2C278
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
2717128ea0c903290c889ff5396b84e8cd7ff0e8353d376c768e4e349b513f82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88105
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 31 Mar 2022 05:37:57 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
64 KB
64 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=251&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=audio%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=743805&dur=46.401&lmt=1647898108476911&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKoSxLUQjuq-wv403uDPYvtYbO64-439jq50QBlofB_vAiB7GG7fljqc8LlW4GXFYDGqpZQWthqtKghH3ktaYgZ_uQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=0-65884&rn=4&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
b7cffc4bb78e9653ad4be64b9ad8c9f90172b5602c6da6b2764843bb91757f52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65885
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:28 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 31 Mar 2022 05:37:57 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 31 Mar 2022 05:37:57 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D786
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98c831a4d1064e5d4528b9fe83a0f4ae64a2d3e56075f26247ad2f5d6af61fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A57%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A56%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:57 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Sat, 05 Jun 2021 07:56:05 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"60bb2e15-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
82 KB
82 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=video%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=1682310&dur=46.379&lmt=1647898114355367&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAInL0h9cvwLf02MK_GOjv0PX3RrYp9Fdo2LHPlX0rmZzAiEA7p0KzZQYyPfhp1aJcfjy7Xcaw25g6XlWf1bocyyPJEg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=88105-172225&rn=5&rbuf=2726&pot=GpsBCm5mHMAlBy2G3MbLzfJ_7czvhsMA91tbA6LtLBX41me4V_0SHU97mB-0gUqizDbLm_VGCzo4siTT70mWA352E0WRuiioE07Of_hgTF9BPVqEBs3dUAD4iFAeTG-gLqP6Jv2nR3McS7n00s230l1vxRIpATwYQQ6L3XQc_N3TFCSjWEFlzJji72yteNektkKuP91s5sqMY7mkIIY=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9e5af92759bf20e68ff32761865040e68c4c968cb3f63bcefe0091d94198a55d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84121
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 31 Mar 2022 05:37:57 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
64 KB
64 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=251&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=audio%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=743805&dur=46.401&lmt=1647898108476911&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKoSxLUQjuq-wv403uDPYvtYbO64-439jq50QBlofB_vAiB7GG7fljqc8LlW4GXFYDGqpZQWthqtKghH3ktaYgZ_uQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=65885-131560&rn=6&rbuf=4017&pot=GpsBCm5mHMAlBy2G3MbLzfJ_7czvhsMA91tbA6LtLBX41me4V_0SHU97mB-0gUqizDbLm_VGCzo4siTT70mWA352E0WRuiioE07Of_hgTF9BPVqEBs3dUAD4iFAeTG-gLqP6Jv2nR3McS7n00s230l1vxRIpATwYQQ6L3XQc_N3TFCSjWEFlzJji72yteNektkKuP91s5sqMY7mkIIY=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4e4728b320f0506f76e982fe19a4c70b45896bd32a36348ca8734a4b4c339218
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65676
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:28 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 31 Mar 2022 05:37:57 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
210 KB
210 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=video%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=1682310&dur=46.379&lmt=1647898114355367&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAInL0h9cvwLf02MK_GOjv0PX3RrYp9Fdo2LHPlX0rmZzAiEA7p0KzZQYyPfhp1aJcfjy7Xcaw25g6XlWf1bocyyPJEg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=172226-387414&rn=7&rbuf=5339&pot=GpsBCm5mHMAlBy2G3MbLzfJ_7czvhsMA91tbA6LtLBX41me4V_0SHU97mB-0gUqizDbLm_VGCzo4siTT70mWA352E0WRuiioE07Of_hgTF9BPVqEBs3dUAD4iFAeTG-gLqP6Jv2nR3McS7n00s230l1vxRIpATwYQQ6L3XQc_N3TFCSjWEFlzJji72yteNektkKuP91s5sqMY7mkIIY=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
77ad863dd3888ad0f60f92b772b9cf546bed19b764650057d40fa074d33bf5f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215189
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 31 Mar 2022 05:37:57 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
128 KB
128 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=251&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=audio%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=743805&dur=46.401&lmt=1647898108476911&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAKoSxLUQjuq-wv403uDPYvtYbO64-439jq50QBlofB_vAiB7GG7fljqc8LlW4GXFYDGqpZQWthqtKghH3ktaYgZ_uQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=131561-263052&rn=8&rbuf=8043&pot=GpsBCm5mHMAlBy2G3MbLzfJ_7czvhsMA91tbA6LtLBX41me4V_0SHU97mB-0gUqizDbLm_VGCzo4siTT70mWA352E0WRuiioE07Of_hgTF9BPVqEBs3dUAD4iFAeTG-gLqP6Jv2nR3McS7n00s230l1vxRIpATwYQQ6L3XQc_N3TFCSjWEFlzJji72yteNektkKuP91s5sqMY7mkIIY=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
496f7343501e69084ed7fdf614c0cac76f2dc9bafc57e078050b52c031456906
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:57 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131492
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:28 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 31 Mar 2022 05:37:57 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A58%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A57%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:58 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
videoplayback
rr2---sn-5hnedn7e.googlevideo.com/ Frame D786
292 KB
292 KB
XHR
General
Full URL
https://rr2---sn-5hnedn7e.googlevideo.com/videoplayback?expire=1648726676&ei=ND5FYv-HOLvNx_APw_6ToAM&ip=2a03%3A1b20%3A6%3Af011%3A%3A9e&id=o-AAgG9zauN54j8GgZVgTNxgvrTbGECeLD2MdlNYf93DeM&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Ix&mm=31%2C29&mn=sn-5hnedn7e%2Csn-5hne6nz6&ms=au%2Crdu&mv=u&mvi=5&pl=48&spc=4ocVC-TBmQiFuS_REWDq0zLAF9X2&vprv=1&mime=video%2Fwebm&ns=QLCpS1sO0AmZqIGyCH_ikckG&gir=yes&clen=1682310&dur=46.379&lmt=1647898114355367&mt=1648704148&fvip=3&keepalive=yes&fexp=24001373,24007246,24162928&c=WEB_EMBEDDED_PLAYER&txp=5310224&n=w0qnDRn21ruR5Q&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAInL0h9cvwLf02MK_GOjv0PX3RrYp9Fdo2LHPlX0rmZzAiEA7p0KzZQYyPfhp1aJcfjy7Xcaw25g6XlWf1bocyyPJEg%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAO5QwVUGFGvGy4E70JmnVEX4MEQYJW5C1nRgjgpmk2n0AiEA4B-A2EUBMcOhMXyfSp4wZkXGTFlbiC00bHPAypPdIAg%3D&alr=yes&cpn=iOjEolB1TEyLt9tk&cver=1.20220329.01.00&ir=1,&rr=12,&range=387415-686431&rn=9&rbuf=10677&pot=GpsBCm5mHMAlBy2G3MbLzfJ_7czvhsMA91tbA6LtLBX41me4V_0SHU97mB-0gUqizDbLm_VGCzo4siTT70mWA352E0WRuiioE07Of_hgTF9BPVqEBs3dUAD4iFAeTG-gLqP6Jv2nR3McS7n00s230l1vxRIpATwYQQ6L3XQc_N3TFCSjWEFlzJji72yteNektkKuP91s5sqMY7mkIIY=
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401c:14::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
69c32b3bb2d2e1c5784eabb2bbceee2c04537e1799add027ffcf3dd03a917b85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:37:58 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
299017
client-protocol
quic
last-modified
Mon, 21 Mar 2022 21:28:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21298
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Thu, 31 Mar 2022 05:37:58 GMT
fa-solid-900.woff2
assets.swoogo.com/assets/b24dcce0/webfonts/
78 KB
79 KB
Font
General
Full URL
https://assets.swoogo.com/assets/b24dcce0/webfonts/fa-solid-900.woff2
Requested by
Host: assets.swoogo.com
URL: https://assets.swoogo.com/assets/b24dcce0/css/solid.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-51.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains

Request headers

Referer
https://assets.swoogo.com/assets/b24dcce0/css/solid.css
Origin
https://www.purplehats.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 12:58:05 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
59994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
80148
last-modified
Wed, 30 Mar 2022 12:58:01 GMT
server
AmazonS3
etag
"c500da19d776384ba69573ae6fe274e7"
strict-transport-security
max-age=10368000; includeSubDomains
access-control-allow-methods
GET
x-amz-version-id
E63ermFJc.yzwemechr3tOBs7bkZT9B7
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
paC16GR30w9ly8P52Q5ZBzeNrOwGcSy7jviMawgRtDhnsCkW-2vkMQ==
log_event
www.youtube.com/youtubei/v1/ Frame D786
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
X-YouTube-Client-Version
1.20220329.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtMdGdXcDlxZENUWSi0_JSSBg%3D%3D
X-YouTube-Ad-Signals
dt=1648705076739&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C463%2C260&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 31 Mar 2022 05:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 31 Mar 2022 05:37:59 GMT
playback
www.youtube.com/api/stats/ Frame D786
0
18 B
Image
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=iOjEolB1TEyLt9tk&ver=2&cmt=0.218&fmt=243&fs=0&rt=2.267&euri=https%3A%2F%2Fwww.purplehats.org%2F&lact=2384&cl=438113574&mos=1&volume=0&cbr=Chrome&cbrver=100.0.4896.60&c=WEB_EMBEDDED_PLAYER&cver=1.20220329.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=47&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24169726%2C24180015&rtn=4&afmt=251&size=463%3A260&inview=1&muted=1&docid=Boo35iJ9UFw&ei=ND5FYv-HOLvNx_APw_6ToAM&plid=AAXbfRBzZAvUOC4Q&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBoo35iJ9UFw%3Fwmode%3Dtransparent%26controls%3D1%26enablejsapi%3D1%26playsinline%3D1%26origin%3Dhttps%253A%252F%252Fwww.purplehats.org%26loop%3D1%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdBcFVTalQ4VWdhSGV3MTRud2NBVkhvZGpiYklmN21qZ0dxc2lsNWRxeGd5Z2JWQVBta0tESnZwVm96Mm9rZ1FsWEtZYW85aVFPQVFCVkVrX245Y2xtdkJFWWlBSnR6QjhwWTNxaEFnZ0wwajhDU0VCLXNjMzhYYjdWWEFNbl9peXlqY0E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:37:59 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame D786
0
20 B
Image
General
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=Boo35iJ9UFw&cpn=iOjEolB1TEyLt9tk&ei=ND5FYv-HOLvNx_APw_6ToAM&ptk=youtube_none&pltype=contentugc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:37:59 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/962985656/ Frame D786
Redirect Chain
  • https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220329&foc_id=fi_UinGlQYldPLv5hxQQfw&label=followon_view&ptype=no_rmkt&random=861171294
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220329&foc_id=fi_UinGlQYldPLv5hxQQfw&label=followon_view&ptype=no_rmkt&random=861171294...
  • https://www.google.com/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805
  • https://www.google.de/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805&ipr=y
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805&ipr=y
Protocol
H2
Server
2a00:1450:4001:801::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:37:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:37:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/962985656/?backend=innertube&cname=56&cver=20220329&label=followon_view&ptype=no_rmkt&random=861171294&is_vtc=0&random=350430805&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A59%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A58%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:37:59 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame D786
28 B
57 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/1d26561d/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
X-YouTube-Client-Version
1.20220329.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtMdGdXcDlxZENUWSi0_JSSBg%3D%3D
X-YouTube-Ad-Signals
dt=1648705076651&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C463%2C260&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 31 Mar 2022 05:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 31 Mar 2022 05:37:59 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A38%3A00%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A37%3A59%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:38:00 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Fri, 21 Feb 2020 18:57:20 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5e502810-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT
watchtime
www.youtube.com/api/stats/ Frame D786
0
20 B
Image
General
Full URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=iOjEolB1TEyLt9tk&ver=2&cmt=1.953&fmt=243&fs=0&rt=4.001&euri=https%3A%2F%2Fwww.purplehats.org%2F&lact=4118&cl=438113574&state=playing&volume=0%2C0&cbr=Chrome&cbrver=100.0.4896.60&c=WEB_EMBEDDED_PLAYER&cver=1.20220329.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=47&rtn=14&afmt=251&idpj=-9&ldpj=-33&rti=4&size=463%3A260&inview=0&st=0%2C0.319&et=0.218%2C1.953&muted=1%2C1&docid=Boo35iJ9UFw&ei=ND5FYv-HOLvNx_APw_6ToAM&plid=AAXbfRBzZAvUOC4Q&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBoo35iJ9UFw%3Fwmode%3Dtransparent%26controls%3D1%26enablejsapi%3D1%26playsinline%3D1%26origin%3Dhttps%253A%252F%252Fwww.purplehats.org%26loop%3D1%26widgetid%3D1&of=-_xhI4eL4MjOL53E0nwGhA&vm=CAEQABgEOjJBS1JhaHdBcFVTalQ4VWdhSGV3MTRud2NBVkhvZGpiYklmN21qZ0dxc2lsNWRxeGd5Z2JWQVBta0tESnZwVm96Mm9rZ1FsWEtZYW85aVFPQVFCVkVrX245Y2xtdkJFWWlBSnR6QjhwWTNxaEFnZ0wwajhDU0VCLXNjMzhYYjdWWEFNbl9peXlqY0E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/Boo35iJ9UFw?wmode=transparent&controls=1&enablejsapi=1&playsinline=1&origin=https%3A%2F%2Fwww.purplehats.org&loop=1&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 05:38:00 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
774 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=fa8937fd4032c8e3c2a2ce1d4dadc7af&svisitor=cfd5ce174b3e0000333e4562a70000004e6d0501&session=89809488-f808-460f-8efe-fef847eb2684&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A38%3A01%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2031%20Mar%202022%2005%3A38%3A00%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226008%22%7D&isIframe=false&m=%7B%22description%22%3A%22%20%5B%20I%20just%20registered%20for%20%23PurpleHatsConf!%20Check%20out%20AttackIQ%E2%80%99s%20Purple%20Hats%20Conference%2C%20a%20virtual%20event%20that%20provides%20access%20to%20globally%20recognized%20experts%2C%20technical%20content%2C%20and%20innovative%20techniques%20for%20improving%20your%20%23cybersecurity%20posture%20and%20building%20a%20stronger%2C%20more%20collaborative%20team.%20Get%20the%20details%3A%20https%3A%2F%2Fwww.purplehats.org%2F2022%20%5D%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Purple%20Hats%20Conference%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.purplehats.org%2F2022%2F1886986%3Fref%3Dsales&pageViewId=ac3274f0-81ef-405d-8bc1-576fc41d5879&an_uid=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-162.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.purplehats.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 05:38:01 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
43
Pragma
no-cache
Last-Modified
Tue, 05 Oct 2021 22:17:52 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"615ccf10-2b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| __require string| registrantUpdateUrl object| dataLayer function| gtag function| handleTopNavAnimation object| jQuery1124020556620269499448 function| matomoMediaAnalyticsAsyncInit object| yii object| EventScripts object| RegistrantInlineUpdates function| _ object| _6si string| swoogoUrl object| _paq function| matomoPt function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker object| google_tag_manager object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

13 Cookies

Domain/Path Name / Value
www.purplehats.org/ Name: PHPSESSID
Value: 87f6ed298783e83f0cfc420c2c7a7c47
www.purplehats.org/ Name: _csrf
Value: 72c008243b11d4c93168622fb6d99f650d1b9e57d7e497474c31be7584b6ce46a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%222uefKJSNEa49RspOEVLlnKRvi1KrukwE%22%3B%7D
.purplehats.org/ Name: _mkto_trk
Value: id:041-FSQ-281&token:_mch-purplehats.org-1648705075162-63811
.6sc.co/ Name: 6suuid
Value: cfd5ce174b3e0000333e4562a70000004e6d0501
www.purplehats.org/ Name: _gd_svisitor
Value: cfd5ce174b3e0000333e4562a70000004e6d0501
www.purplehats.org/ Name: _an_uid
Value: 0
www.purplehats.org/ Name: _gd_visitor
Value: d7fc7910-1685-4dd8-8ac4-81cfafb03c33
www.purplehats.org/ Name: _gd_session
Value: 89809488-f808-460f-8efe-fef847eb2684
www.purplehats.org/ Name: _pk_id.10306.c7c4
Value: ab98d48eeb3d24be.1648705075.
www.purplehats.org/ Name: _pk_ses.10306.c7c4
Value: 1
.youtube.com/ Name: YSC
Value: 9Sj1014XTug
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: LtgWp9qdCTY
.nr-data.net/ Name: JSESSIONID
Value: c694d5a0cd29d160

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.swoogo.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

041-fsq-281.mktoresp.com
analytics.swoogo.com
app.salesloft.com
assets.swoogo.com
b.6sc.co
bam.eu01.nr-data.net
c.6sc.co
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
j.6sc.co
jnn-pa.googleapis.com
js-agent.newrelic.com
munchkin.marketo.net
rr2---sn-5hnedn7e.googlevideo.com
rr5---sn-5hnedn7e.googlevideo.com
secure.adnxs.com
static.doubleclick.net
tracking.attackiq.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.purplehats.org
www.youtube.com
yt3.ggpht.com
104.111.234.67
108.128.132.86
143.204.98.51
151.101.2.137
185.221.87.8
192.28.144.124
2001:4de0:ac18::1:a:1b
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:802::2016
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:827::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
2a00:1450:401c:14::8
2a00:1450:401c:14::b
35.157.115.29
37.252.173.215
52.213.47.89
54.237.197.50
96.16.137.162
04aab5a78da6103b0a750a8c8e92eb7120d9401d7e73f39e06ecb0e6e0ec8a7d
0afd76d92df383af11d99ebcfb2505d01533473f174afe80a95106d81502ecae
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1441847dfad3fb14745c9558f0fe3d4faef872e82c5c9a42353a20ad9c86816d
1471a81caab3649c381e4da8e43cc47d38a46a99ff582c5760599ed26e56910a
1781fc6a2ceda23e712df9e2d62d4c05a3003e8c31bd7b0f012f81c06af1b90f
1a8e7108949ee83e8eeadd9cd0ed0f98bd8870f2afa75c26ccdc9e795fb58e30
1e7a69def4ac0576b07ae8db6105f4c8fc446365677ead77cbf460d99097fcd8
22b934ffa17ebd7ebe7ae8175fa445fc586ddc0febc3592ee29c4e7c28108dcf
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2717128ea0c903290c889ff5396b84e8cd7ff0e8353d376c768e4e349b513f82
2c4ac379a4fd8582c3e0d8555396dfb1de53fdc9c8d2e0c6c4225744c5b1fa85
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31c9b6d0730bffcc43f80e3ad15023d9c43852ac5db962fcee445ca4c319e916
323df35b2db77c08c86873f76dc26e4921b8119ed07dbfdadabe368321281e5d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
444debb5933405d88d50dcec3fba08a4a243a7fc86b598e5ef1067e1f1a884b5
474bc01b816fe1be01c353b85553534a24263993910100ec439ae2b8c5b0ee1b
48671d5e657e79430ef378563c1b0c1095cc35739b31b29de3c3fafcb1d16e61
496f7343501e69084ed7fdf614c0cac76f2dc9bafc57e078050b52c031456906
49818eb6e8fc8bc50a311235d1a35c3ecce3ae83e68a797e19dda9c1ec8263da
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4e4728b320f0506f76e982fe19a4c70b45896bd32a36348ca8734a4b4c339218
51c77586201df2f52721fa5ded6b091f201aa2227b663903c2a3522d90dd8476
51f5dabe4b735235222884fcb1dcfb76d5f34b00993cc075d4f206abaf778d4a
52b3dbcab4deee35efea7242d1db50ef0e601db61ff7de15bfd6b91893840b90
53470daec64c57eec6c76a19ea16c564befd0ded7fb0a55c72457e2f613325eb
55423546115f8b885bb7eda8541951b882ca0461fef56d90912f0a043c1a162b
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
558e57b950db14118dc8fae13f0392826ec280006a0de50ae8768f7836669adc
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a7bad30413284d0726b27dfe27b7674760c086d3a8486c6483bb0ea156fbebb
5bfea356d814656de562efbbc5a881e4a3df33dbfdd739d9869f749a7b029ecc
5c447a7b66fdc0719190c468e707f259cd0252ed92cbd3a9f74c2f710de260f8
5d6fcc49f0d1e0b04ac7ac2561cc91ce6ad72f242f81b3b9bd3ae30cf045b935
5ef889a83c52a2b5760c9613d699f81044475da8de2dbd3b29020f959d31e78e
5fae23379fab243ff72affe4dba671939a3ce4ca48b6cc22d19848246cd2f23a
65297c4942f001eb0202e75ae76c4ee78351076bb7fa43c1f2b95ae5641d442c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69c32b3bb2d2e1c5784eabb2bbceee2c04537e1799add027ffcf3dd03a917b85
6b721e3f12a4e9efd2b5acf2f554c9500d0c1d055441b8432a6059173a4f1a7c
707195cfa915801604801e3c06d2a7cbb158405244e951440cb4a134ea8e3cb9
73f4827aa27c09bb61619ab2d7b364295993aaa731e92ece5f48e9ea636ff043
7485cde099ad9f6a8e35311c26f1038007eac35ac8c8ff4639cf2bf528b51e17
756421cc354ab978e42282704f697a85672375564dafe44aa8bfee804f0b044c
76271c219e0f6737aa77fcaa966949f937ae672f70c87c4ed3aa6d90c1eb987e
77ad863dd3888ad0f60f92b772b9cf546bed19b764650057d40fa074d33bf5f2
7aa1f8ef655b51c2b76627c6bff3ef4285432d10d8f80ffdea24d2d60638410d
8592216985573a4b9826a3e790ab18d1af0f3bf2ef82c3e2a88d16c75170dc30
8899ea98437beaf1f306f36c3393c837c26af49d9d1b5241adc837862105944f
8b6ff148b1f52caeac2fbe88064ec6943e61e5f904c36e616d7cbf928ab4de49
8c1f806310322c848c4c996ca568a03b3b16cf9487cbccf09aef3cf17e2c643d
8d599cf0e5542624f0cf04477580183797bf185d07cfa16456fff60249b5b5bd
8e7e3b4c83abe69b47adf289cd921f8fef5ce2b253037bbc52bcd977de0ee106
906fe4e561f73b867384c6112552d84cfa411aac913b2a14c80e58da7bd5287e
9265508b25c24828adfd406d749290206c8502d43fc24406957e9084777f8fd9
956070bff75b9a6ccac9b189ab9bb32ce2e9acc00976c465b8bb56498a7a13eb
9590acf14b18361e545caab9ebf695bdc6a35a2ead2e555fbbf5da00d188570e
98b3de613d3da9f56b58c810192d9399b9f06da61aa2cc3f277eb17ebb30d06f
98c831a4d1064e5d4528b9fe83a0f4ae64a2d3e56075f26247ad2f5d6af61fee
994cfb2453f3247cbca5049edd3f7ed81300b54e5addac2f8bb91f72ed952058
9973b8703454beb5c6b7801c00ee4965f7b7f5845001fd36da12740a19278331
9a1ae5a2446212a499c40efef0f2af061b19798d5551599def4a5897a8c50c22
9dc9da1456a9d1b563961d8d5e730e05318391e4e9f17a651f2d6636d0d83781
9e5af92759bf20e68ff32761865040e68c4c968cb3f63bcefe0091d94198a55d
a0ad4399164c36c2110cb392e378ceb14216124fcba0e5a449631c6a1515b0d0
a22bb1f9e2f7b93dc28fe17ca5ca885f10432e6c635aeaca29a2ea66d9d337e5
a4bb4d3b951b7fb70c5d9c8d6add583463b7c6f3d8eea943234532adaac5c697
a8c6ae53a1ddf8cb7493b42cc87ea8b841139522cf705c4178aaeb14d360ab37
abb86b522ccf299a1161e11fdc9c42fc2a51febad7643b2e26fc7e26d42b27ec
acbe8bb374e102d56ad57e2ccd2a48065c361aea1251465016f2c3489680dd86
afb79be67eddcef3307f711a2f7b7acdf14f1b37c24ce4a7f966ca47c33dcbe8
b0b082b526b1179517c27cac5df5ba1ff83f08f4c4484351437c325a66eb3779
b1a8fe66a6f5ebe0713479f99bf1029eebe90b8cf79552b7662b1dfca1100d49
b7cffc4bb78e9653ad4be64b9ad8c9f90172b5602c6da6b2764843bb91757f52
bab86fbd31010971d7243c4cf9c7cb6773bab3dda4517c588b96f8482c1424e0
be53a3440980c005a7ad1c2f0b019fb36a3b60229f2634a0ff2b13d8c117121a
bf6aa5383f6f0552f365607a330665077f9bc0d52681318919a5a3a510040187
c0a2e1755c774f1f301ff3b5206ce2545886cb3cca18ecfa7bdcbbe3d1cf8fb5
c13f05d3b6e477d1a4f306880484625f16821353ca252a39566a830c6fb2931d
c206f7df00427ea7fcb3f29da32162c1f19e2fa6ded9972e5a9ef4c1e6caae6e
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c71b83d5c714f245500548cae7b7ba3e1d95d319ea9a5765dec6bf086de5a614
cbf337bda1aeaa58f8febcc5c51bbb69653767b742eda89e27806c5ee0fcbf4d
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d41d354912c972f8d8929be4e61d2fb23d25e71a7835fb2476ebd68ed9a3a318
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db3836e001a14f350bc357f14daf5ee8e210a25446d8ad42c8dc8e985047115a
dc81173caf406366a50f5ab3c4a281d6e626a4d83a03f360fdde50613561cf32
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
dd60525df1ab7d6b8bc7a617dd1219d316b8ca2acf0d3558fbe1486fbf2eae7c
e235019cf3d899c242fb0065c20ffdb2027b18d2f9ca58ff9025749e3273be94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c4de956709d8fad077c3b92c016ffa7a953069b12aab25c30055a6d8c6b4a1
e7231474216289e9f5a8e370977c77604a2295c0b29e3aeb653437a7422a405a
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e92a55b56f20bc0d8ab01db1a472bd8fa705079f9fb39dd8999442f15ec34180
ea450bc0ae18c708f6872d555cc4fec2a552ca347f67d620ee6cf7587ce9588d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4cf6b7d891f8123889b9a923d166368abf8bd7a2c23f14ed0b0c61e70645c3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bc3c879afb512e3d7c0d7f1ef82b149e74522978a5fb22c3a5ca073e3ccfab
fb688777dc4f7be201b792c42c3dcef1b22eabc1ceeb607f9b3ca7b24bc0e578
ff58254ef9d37324a7918344de116b79d2865fb1764fda1eac443d9392ed2f96