blog.blazeinfosec.com Open in urlscan Pro
2606:4700:20::681a:8f5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
Submission: On April 01 via manual (April 1st 2021, 11:51:37 am UTC) from GB

Summary HTTP 90 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 90 HTTP transactions. The main IP is 2606:4700:20::681a:8f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is blog.blazeinfosec.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2020. Valid for: a year.

This is the only time blog.blazeinfosec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:20:... 2606:4700:20::681a:8f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:1400:1f:f723:6fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2 8	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
90	16

33 2606:4700:20::681a:8f5 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.blazeinfosec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:1400:1f:f723:6fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f106:83:face:b00c:0:25de (United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	blazeinfosec.com blog.blazeinfosec.com	12 MB
28	youtube.com www.youtube.com	4 MB
8	facebook.com 2 redirects www.facebook.com	172 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	65 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	ytimg.com i.ytimg.com	51 KB
2	ggpht.com yt3.ggpht.com	6 KB
2	google.com www.google.com	25 KB
2	facebook.net connect.facebook.net	62 KB
1	lfeeder.com sc.lfeeder.com	7 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
90	12

	Domain	Requested by
33	blog.blazeinfosec.com	blog.blazeinfosec.com
28	www.youtube.com	blog.blazeinfosec.com www.youtube.com sc.lfeeder.com
8	www.facebook.com	2 redirects connect.facebook.net www.facebook.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	fonts.gstatic.com	www.youtube.com
3	www.google-analytics.com	blog.blazeinfosec.com www.google-analytics.com
2	www.gstatic.com	www.youtube.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	www.google.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	connect.facebook.net	blog.blazeinfosec.com connect.facebook.net
1	sc.lfeeder.com	blog.blazeinfosec.com
1	www.googletagmanager.com	blog.blazeinfosec.com
90	14

This site contains links to these domains. Also see Links.

Domain
www.unicode.org
www.xudongz.com
www.apple.com
www.xn--80ak6aa92e.com
www.ietf.org
www.blazeinfosec.com
www.xn--blzeinfosec-zij.com
github.com
bugzilla.mozilla.org
labs.spotify.com
www.phish.ai
urlscan.io
xlab.tencent.com
www.chromium.org
wiki.mozilla.org
www.xn--80aa0cbo65f.com
www.paypal.com
trac.torproject.org
citizenlab.ca
www.facebook.com
www.linkedin.com
www.twitter.com
facebook.com
linkedin.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.lfeeder.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
Frame ID: 2C5C2C4E7046A29EEF478B8A003E3B0D
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
Frame ID: 4C82F032632BFFB2E3C6191E29BA1CC6
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
Frame ID: 09220A2CC1F98190AE2E08378290453D
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
Frame ID: 8432531D891A491164A52E66858DE6D4
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

90
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

14
Subdomains

16
IPs

2
Countries

16729 kB
Transfer

20639 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.unicode.org/Public/security/latest/confusables.txt
Title: Unicode has a document

Search URL Search Domain Scan URL

URL: https://www.xudongz.com/blog/2017/idn-phishing
Title: example put together

Search URL Search Domain Scan URL

URL: https://www.apple.com/
Title: https://www.apple.com

Search URL Search Domain Scan URL

URL: https://www.xn--80ak6aa92e.com/
Title: https://www.аррӏе.com

Search URL Search Domain Scan URL

URL: https://www.ietf.org/rfc/rfc3492.txt
Title: Punycode

Search URL Search Domain Scan URL

URL: https://www.blazeinfosec.com/
Title: https://www.blazeinfosec.com

Search URL Search Domain Scan URL

URL: https://www.xn--blzeinfosec-zij.com/
Title: https://www.blаzeinfosec.com

Search URL Search Domain Scan URL

URL: https://github.com/loganmeetsworld/homographs-talk/tree/master/ha-finder
Title: ha-finder

Search URL Search Domain Scan URL

URL: https://bugzilla.mozilla.org/show_bug.cgi?id=279099
Title: this Bugzilla ticket

Search URL Search Domain Scan URL

URL: https://labs.spotify.com/2013/06/18/creative-usernames/
Title: attack documented against Spotify

Search URL Search Domain Scan URL

URL: https://www.phish.ai/2018/03/13/idn-homograph-attack-back-crypto/
Title: MyEtherWallet

Search URL Search Domain Scan URL

URL: https://urlscan.io/result/0c6b86a5-3115-43d8-9389-d6562c6c49fa
Title: Github

Search URL Search Domain Scan URL

URL: https://xlab.tencent.com/en/2018/11/13/cve-2018-4277
Title: fixed a bug CVE-2018-4277

Search URL Search Domain Scan URL

URL: https://www.chromium.org/developers/design-documents/idn-in-google-chrome
Title: here

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/IDN_Display_Algorithm
Title: far less strict algorithm

Search URL Search Domain Scan URL

URL: https://www.xn--80aa0cbo65f.com/
Title: https://www.раураӏ.com

Search URL Search Domain Scan URL

URL: https://www.paypal.com/
Title: https://www.paypal.com

Search URL Search Domain Scan URL

URL: https://bugzilla.mozilla.org/show_bug.cgi?id=1332714
Title: for Firefox

Search URL Search Domain Scan URL

URL: https://trac.torproject.org/projects/tor/ticket/21961
Title: Tor Browser

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
Title: initial attack vector

Search URL Search Domain Scan URL

URL: https://github.com/blazeinfosec/advisories
Title: advisories page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/share?url=https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Search URL Search Domain Scan URL

URL: http://www.blazeinfosec.com/
Title: cd $HOME

Search URL Search Domain Scan URL

URL: https://facebook.com/blazeinfosec
Title: Facebook

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/blaze-information-security
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://twitter.com/blazeinfosec
Title: Twitter

Search URL Search Domain Scan URL

URL: https://github.com/blazeinfosec
Title: GitHub

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 65

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 83

https://www.facebook.com/v2.6/plugins/comments.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/ 33 KB
10 KB 156ms
126ms Document
text/html 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c18c685fca90cf10ee7e46c0345d01031df266ccc22b6bb4eb778c631a55d5f4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: blog.blazeinfosec.com
:scheme: https
:path: /what-you-see-is-not-what-you-get-when-homographs-attack/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d9a42b2c698232622305ee0db2fe36f501617277879; expires=Sat, 01-May-21 11:51:19 GMT; path=/; domain=.blazeinfosec.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
cache-control: public, max-age=0
vary: Accept-Encoding
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
cf-request-id: 092edf1e1200002b2298a9b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=shCPGoFM9atNInaevEtuYfwbV%2BaDo8hqP5IdtRubuWV%2Bukfrak94ugtSjV8qWrYLE%2FKWm%2Buh6KRLAZfRVYeaI1MOn6lTnDUzkjzoN2nyjgwQh37A62%2B%2BmObrDOIVyNukO2I%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 63919adceb602b22-FRA
content-encoding: br

GET
H2 200 style.css
blog.blazeinfosec.com/assets/css/ 29 KB
6 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2a263573dc618b7d7af89763f3f4a655e137d1a376f40766367adf10e241ba41

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1535670
x-powered-by: Express
cf-request-id: 092edf1e9900002b22d6177000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"738c-16e5e0c37f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7OCS6%2FiYWti0CiExEq6C1WmXVjz5o0RD9ytNt9A5cmWcDLrBK%2FfhWny7KjhrCxh2N42byPJ8lNn%2FZXwgOKY0qZeMR3IuaOmlwbhRwvC5M0lzDXqSC4IyxvYTf3T2ya0mmqU%3D"}],"max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addcc7f2b22-FRA

GET
H2 200 vendor.min.css
blog.blazeinfosec.com/assets/css/ 4 KB
1 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/css/vendor.min.css?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

adf171d49a94ee367ac5725181a5e83dce51fed9aa192496cc01d91fa85a961e

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1535670
x-powered-by: Express
cf-request-id: 092edf1e9900002b22b5ac3000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"f74-16e5e0c37f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=643D8g6YS7usnKDyEhxq8EgG1lohZUPe7%2F4M8%2FqBEcryRC0L1RyRgkfhwQHiD1QI1l%2ByvvQxzTnla6aJIwFnVFoEUy51EHRroLNdLfytHc2g3gLxR6dDPd14a8Eau839lLE%3D"}],"max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addcc812b22-FRA

GET
H2 200 queryloader.js Show response
blog.blazeinfosec.com/assets/vendor/plugins/ 15 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/vendor/plugins/queryloader.js?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c90747e89520db004fcb0a49dc63bcbb65aac4abc340709e520926d6823336a8

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76440
x-powered-by: Express
cf-request-id: 092edf1e9900002b228e103000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"3ddf-16e5e0c38c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FS36Ovz%2FariuewUOGm5jq6t4rvBZMj9TQqlK0GShrzu%2FzZXs0vv3ZAK4y%2FF57tBKftFfFBXw46behluhbzT5Zhb%2FjRe3u8JsWL%2F%2Ffaw20F901b3fQUz8m2b9sT2Xju7ZfW4%3D"}],"max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addcc832b22-FRA

GET
H2 200 ghost-sdk.min.js Show response
blog.blazeinfosec.com/public/ 757 B
760 B 22ms
22ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/public/ghost-sdk.min.js?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1076e5d4a0149204909d68d3cb0315d95018af603a5ddc17efecd66d6dfcd359

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76440
x-powered-by: Express
cf-request-id: 092edf1e9c00002b22a492e000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
server: cloudflare
etag: W/"83197a53f425a66f55abefd2db296f2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eBjIv6FYHZEkHijXZnbgwPggWPduk5XZpEkChd9dfD7bN%2B6RZeTZYdQt4VpMkEcOpxHeh91iBoG0n6ixapFa5N3yaSK9LID25PyPMrdcqCUS0LcDIPaAbhnXQAaAaN6caww%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63919addcc842b22-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 22ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145705186-4

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a2719adc9d8753b92019d4615a2d1d056abe9a2a877fd9280e53127bdde2ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39098
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Apr 2021 11:51:20 GMT

GET
H2 200 homograph.png
blog.blazeinfosec.com/content/images/2019/03/ 1 MB
1 MB 29ms
24ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/homograph.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

139c9bbc9c730923c785742fc23c705b5ef405cb78cf45942603668c6073d74a

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76441
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 1299073
cf-request-id: 092edf1ebb00002b227ca82000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"14df04-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TUY5ACecijehExi4DP8mA0NFEGjPk9uMNnor5yX76f9%2FUy00poNADHEMDmsYTxAjrhBMzJ0%2BjH98ocUV2XZZXi9RZOT4Uc88GIL%2B%2F%2F%2FkhcX2gqcTDffVzHdjLWbdoAzyZHE%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=1367812
accept-ranges: bytes
cf-ray: 63919addfccb2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 tahoma_30.JPG
blog.blazeinfosec.com/content/images/2019/03/ 14 KB
14 KB 30ms
25ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/tahoma_30.JPG

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

57db7c30f078e938726a32d3a5aff71baf49257212a84da2e582d7f653a5c117

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2473
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 14378
cf-request-id: 092edf1ebe00002b2283985000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"5e34-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BMNpAOAr8%2FMFwfpJadYmHc%2Fk8GcUZGrUQA%2BCBMSWqwN8CwxdAWAJPeqKCybFXG7UiDM4o6EVgu72Y9nUhWZCwYMSQFOluA535aMzmAo%2FBEHd4OE7rE6Yj%2FO1kQ%2BPknOQo0E%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=24116
accept-ranges: bytes
cf-ray: 63919addfccc2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bookman_oldstyle_30.JPG
blog.blazeinfosec.com/content/images/2019/03/ 15 KB
16 KB 27ms
23ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/bookman_oldstyle_30.JPG

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1da39309b5e5f2f7f8fb6e9a26c297a07f49a276e93c6f779de84cd9d7af75d5

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2473
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 15683
cf-request-id: 092edf1ebb00002b22b92b1000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"640d-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4SXNR1DznzQhpeiH9yKvfqDMpEMe2MHwRuZcl8YnctQMyRGxDYj4ayK30xZWvkQv6UY3ObBAULlLJkSKFR2Bl9lzvuyNMVsH7wkkfghMlkkO3FoOQglCrjawQ5XMTZ%2FHqA8%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=25613
accept-ranges: bytes
cf-ray: 63919addfccd2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 resized-signal-android-1.jpg
blog.blazeinfosec.com/content/images/2019/03/ 41 KB
42 KB 19ms
15ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/resized-signal-android-1.jpg

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5f10c5fdbfa7c10193ec0ee2710cf39468fdf8f505e6d67db0714bb0be1d74a1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2473
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 42345
cf-request-id: 092edf1ebc00002b22b0ad8000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"c595-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BWwXOExjEwY8M%2Foc2LTnu0law6ME44K6T4xmelxNyGqqUsrnUnGuFyKr2rF%2FBzZyQEwgN07NRtYOhapKN%2FfnWCph8fB14js0cXV338VgF1Wu3DVmEwvTFkWP72nFOy6Lstw%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=50581
accept-ranges: bytes
cf-ray: 63919addfcce2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 resized-signal-desktop-windows-1.JPG
blog.blazeinfosec.com/content/images/2019/03/ 50 KB
51 KB 27ms
23ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/resized-signal-desktop-windows-1.JPG

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e108484e389192657b7cffc8af7c7777c342008ce31a94c01e6ef572eb4d8ff

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2473
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 51304
cf-request-id: 092edf1ebc00002b229b33c000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"109aa-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PiEi5XxF%2FRRVrAr4pdHDcCtGjOPcg0DFuypO%2BPs9TXmaSOb8vJONfCnG8CpTKy1l2f0DOCwCwybsK6kBfdlhc%2FOvFzW9Pp%2BJd81kvv3NDO6%2FXeFW8YZJNO%2F7VTK%2BznnUxPg%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=68010
accept-ranges: bytes
cf-ray: 63919addfccf2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 telegram-desktop-1.JPG
blog.blazeinfosec.com/content/images/2019/03/ 101 KB
101 KB 29ms
25ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2019/03/telegram-desktop-1.JPG

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4cd4bde868a79b5933f507b22d2b9cf4c567c0d9c27e82c54fdf1de54aee0176

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2472
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 102998
cf-request-id: 092edf1ebc00002b22ed289000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Wed, 23 Oct 2019 01:07:55 GMT
server: cloudflare
etag: W/"1db5a-16df627edf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FtwGhYrMuhqMSYNvCZabjDb3ZVGtgkz5NtFRl3IziQgUxhBJXDmKaXRiiSb56C%2FEVvEf6id2el4iYZgL9eR6PnIPngfZSqEUmdmAOC3lWV3w53kQ%2BJzOlV81KB1bRehauco%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=121690
accept-ranges: bytes
cf-ray: 63919addfcd02b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 blaze---ataque-dos-clones-png--atualizado-.png
blog.blazeinfosec.com/content/images/2021/01/ 3 MB
3 MB 20ms
17ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2021/01/blaze---ataque-dos-clones-png--atualizado-.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a97aa143a8e6cf304882c8cfd73e1028425a295ce22e21ddcad58026a718b27a

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2056500
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 2862399
cf-request-id: 092edf1ebc00002b229f2de000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Thu, 14 Jan 2021 16:11:15 GMT
server: cloudflare
etag: W/"39aa77-17701aa5140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NHMONz5nzmDvz%2F%2B%2FtLc31s781u1Ng2pUzj8oubXKX%2BntMZ3Tsu1LZltv%2FeznnDAoxEFMbR1HQViJrvg%2F%2FhmQUDsrwHGBqcyaqm%2Bgb7iE59u1y4xAqkMK4cIgVMOBMr1kz98%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=3779191
accept-ranges: bytes
cf-ray: 63919addfcd12b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 blaze---ataque-dos-clones-jpeg--atualizado-.jpg
blog.blazeinfosec.com/content/images/2020/11/ 2 MB
2 MB 26ms
23ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2020/11/blaze---ataque-dos-clones-jpeg--atualizado-.jpg

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a790e86fdf02f5a11647b65fe421110e47b8040ce196df017a7497d939bf25f1

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1554879
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 2250377
cf-request-id: 092edf1ebc00002b22c6bf0000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Fri, 13 Nov 2020 15:01:11 GMT
server: cloudflare
etag: W/"273d9a-175c21fe2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N7EWirHcR46Gy3L6elXwkh%2BQ42tyYsR%2FV2YD8p3kFC%2B6EBkQM7q8oHdJNB27tloYeQJH6TzJPWoCPH2nqjQMp7enlClJlIeidc51nXfx4a7zdA8bCVqtOB3mdUVb6ljEpxI%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=2571674
accept-ranges: bytes
cf-ray: 63919addfcd22b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Blaze_Wildfire_Blog_Illustration_web_optimized.jpg
blog.blazeinfosec.com/content/images/2020/07/ 354 KB
355 KB 28ms
24ms Image
image/jpeg 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2020/07/Blaze_Wildfire_Blog_Illustration_web_optimized.jpg

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1ab5448dbcfc8048e73a361b3fed492c6e223e791cb89117d37a082210f68154

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1535671
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 362900
cf-request-id: 092edf1ebc00002b229d939000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Thu, 30 Jul 2020 14:16:11 GMT
server: cloudflare
etag: W/"5b7e5-173a0149a2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=REghYZyq7rBphotSnZXQ5%2FIkzvL34elkSXRg6xD%2FzEl28xZCAF4lydjtNOi8Mycwj8CZx7n0Ycj793TebmdgP3xz83WH%2BadNXSwR540wDg5JB6OoJV1ks848OK7Ah4hCrlM%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-polished: origSize=374757
accept-ranges: bytes
cf-ray: 63919addfcd32b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 blaze_wildfire_labs_blog_illustration_large.png
blog.blazeinfosec.com/content/images/2020/07/ 5 MB
5 MB 27ms
24ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/content/images/2020/07/blaze_wildfire_labs_blog_illustration_large.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7471202daae50c1b426da69342e5e52dbf519a2620d281edbfdd87dce0c9fbf2

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2056500
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 4936884
cf-request-id: 092edf1ebd00002b22a8095000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Thu, 16 Jul 2020 06:12:24 GMT
server: cloudflare
etag: W/"4ba072-1735640a773"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NQz5OWHbSZaaLjAMT2mdr8saZF6Y4sDBiCDkHZfZGcV97pbJe0yp7k9LnphSMp3Q2tMTAqLQdLBWCGMwA0bLYmP1usLm3UuOWYRYy5qh3XtlX%2B68R1qzOSNrOgP4epy2ASA%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=4956274
accept-ranges: bytes
cf-ray: 63919addfcd42b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
blog.blazeinfosec.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 092edf1eb200002b22ea1cb000000001
last-modified: Mon, 29 Mar 2021 13:37:44 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6061d828-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KwY9hJsnhtrE4tBm53qf54%2BYZIg2Z5e7iwtRYvX7pC9DVI%2BWr8bbsXvkUjoiWpamAl7wAaj6XxNs8S5%2BjQ4WdhPEunXmc0QbD1iFdo1rHtAe15n1Qhz%2BYSCO%2BN%2FwKepuVIg%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 63919addecb72b22-FRA
expires: Sat, 03 Apr 2021 11:51:19 GMT

GET
H2 200 main.min.js Show response
blog.blazeinfosec.com/assets/js/ 259 KB
80 KB 38ms
38ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/js/main.min.js?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9aa1a010fe9db185698103f8c7254f5a9180ab6677d2695f991775c0f5d389fb

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76441
x-powered-by: Express
cf-request-id: 092edf1eb600002b22aa90d000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"40d27-16e5e0c38c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OXInMaJO3h0Um1iOitLWLzphIBS82NDolWRtxzugRLvjf0Lq07kH7%2FRMBuKBdcb27MBMU55LEw5c1nHKA7HJ6xi0bdDbnzHOTAsltLVpivY8s%2Ff1M3HhjNjzwujhu9%2BKhl0%3D"}],"max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addecba2b22-FRA

GET
H2 200 highlight.pack.js Show response
blog.blazeinfosec.com/assets/js/ 71 KB
29 KB 31ms
26ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/js/highlight.pack.js?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a6c16e394bf8ffd3a9a3a16e1658959b1340671f580d2ba3bd4159325edb73d0

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76441
x-powered-by: Express
cf-request-id: 092edf1ebb00002b2293990000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"11ad2-16e5e0c3809"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pATB1dp51pomrXFPp1jYXYjNh4cTRJhwEjhUK%2Fk4uRDBoXM9zw0Exyp53jEOqT69R21%2FZptuzCnJzLLtBnSjpjrmbLDJ11O5Y54Ne%2BCnBpARHOEVSCpuNjKiD%2BKJyd3rUKU%3D"}],"max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addfcc72b22-FRA

GET
H2 200 https_fix.js Show response
blog.blazeinfosec.com/assets/js/ 545 B
591 B 27ms
23ms Script
application/javascript 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/js/https_fix.js?v=7e1f585c5d

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

50aa9be7374adffac144ef3fa33c34732378e1afe5e27fd613da3fe0bf948a94

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76441
x-powered-by: Express
cf-request-id: 092edf1ebb00002b227ab2e000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"221-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=urJO%2BKLE%2FqP89kGv5iAfo0EaqqP3i7Fngw4QYFthXPcYtrfyM3RiQzVtWypQaFf1rn7uL94g9gZkK%2Fliymrna88ei6am4wFa7qSyZ0Lca8TFkquTJDwb%2B5L%2B1V4WD8cAhIo%3D"}],"max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 63919addfcc82b22-FRA

GET
H2 200 set-categories@1x.png
blog.blazeinfosec.com/assets/images/ 191 B
570 B 26ms
23ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/set-categories@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fee5bd3b52e7c28c4cafad35d628c5830ac635a22c0db83a4e94fe4a39b58549

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7898
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 191
cf-request-id: 092edf1ebd00002b22b5ac6000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"152-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WGJm8cWl%2BuPD5uqepKTgf3jADhLg4fzP8WiF6icXSbsL3pAfEa4njs5rQnbIP8ahCIoMFKp%2F%2F2HLCineGZHRyuMFLTx%2B3VCFzBN0%2BaMLHilTKUQQDyd%2BvSKPAZ%2BssOkX%2Bz0%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=338
accept-ranges: bytes
cf-ray: 63919addfcd52b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 logo@1x.png
blog.blazeinfosec.com/assets/images/ 3 KB
3 KB 34ms
31ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/logo@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5990bb13601b5338a0527e611cc0e5ecb8f755ef8e2e4cd6eebdae26e662f993

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 2699
cf-request-id: 092edf1ec400002b22a4931000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"d8f-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=It0EXMPzt6PTtT%2FQ%2BajbbsL8LO2V6IvSUQvluydvquv6EKbnuDKjP0w%2FmK4UPW1iGrb29dysXXgXzK1uI6YwIljfkA6vEEbErTJC0yNFgzTi8QVWuWaPVPS8nJxH9tcUWTs%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=3471
accept-ranges: bytes
cf-ray: 63919ade0cdc2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 search@1x.png
blog.blazeinfosec.com/assets/images/ 410 B
760 B 35ms
32ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/search@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9f3629f309a5833f35d2c0252925d6a8b0ce7ce5baaed3009962ebb22327d250

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 410
cf-request-id: 092edf1ec200002b22c4163000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"2ce-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5fdf5AFmVO640M%2BhRgl0%2F7D7i4xAr3xcHmTMlheVYktOhC%2F%2F3T26igmeqKTAUeFvE0Xx5cNj7D2o0dCH10HNrC%2BnGTI44E5RErXykKti5VlyF3Tvcpl7y%2Bi1AB4iRgnhRME%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=718
accept-ranges: bytes
cf-ray: 63919ade0cdd2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dinpro-bold-webfont-webfont.woff
blog.blazeinfosec.com/assets/fonts/ 22 KB
22 KB 34ms
32ms Font
application/font-woff 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/fonts/dinpro-bold-webfont-webfont.woff

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

88b35dcf880d46402d4c72969fe680c114b1b3c3c1af8b7ae255ff52bd894752

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://blog.blazeinfosec.com
Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
cf-request-id: 092edf1ec000002b22ee200000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"5650-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NxBtJcW20J8zjozBOA9K58d7ysbJLDmCsdhmLoLcZ8RQiCgUIxbuauFMMz4SG1fusSsLMMy4T5ggFr1GotmCBaBvt%2F405hOQ2ptpFxzB8sCUyW8hSFAr9FDzQ2HTOo67k%2BA%3D"}],"max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31536000
cf-ray: 63919ade0cda2b22-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

177921fd5a1b694b422aab1f4dcb4ef3c82f4ad15815f2fbd2c73324745bb842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /nBhdVLQYHnGVADb7K2XRQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 01 Apr 2021 12:01:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: om/WAPNloe+NtJ8HbeVxcvu4739Sww9FjWxvTYMHOHkZElfZiYNrkFFNE6xY0z6w5Y7/0DCjXh+Cd+6WdB0CLQ==
x-fb-trip-id: 1425083115
x-fb-content-md5: f565859d0694f2af1f077c59aaea8926
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 11:51:20 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "59f67a16dea30940659d2b576c900913"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 hufnGQWx45k Show response
www.youtube.com/embed/ Frame 4C82 50 KB
21 KB 58ms
54ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hufnGQWx45k

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d9b2346d34d2ab5629db82323f4c08d00a1b0fa6cdb57397173ba0d4c8ecc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/hufnGQWx45k
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:51:20 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=lw1DP4jIVMw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=6S2lYx2LpEY; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:51:20 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+274; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jJKfL8ME6lQ Show response
www.youtube.com/embed/ Frame 0922 50 KB
21 KB 67ms
65ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jJKfL8ME6lQ

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb24bae1404ae2ee4dc8633ff1aed1e634994dc57bd06b3acffecbc29d071e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jJKfL8ME6lQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:51:20 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Cira3yaaX9U; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=pdAn-FSwTQA; Domain=.youtube.com; Expires=Tue, 28-Sep-2021 11:51:20 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+194; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 lftracker_v1_lYNOR8xeP1g7WQJZ.js Show response
sc.lfeeder.com/ 18 KB
7 KB 185ms
147ms Script
application/javascript 2600:9000:2127:1400:1f:f723:6fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_lYNOR8xeP1g7WQJZ.js
Requested by: Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1400:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b098d9f9df9e378a07c52dc1bbdbb028ee68d244043412920a76464bdc1b292

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .pyp1A4BGXo3Kvqeov1wkaECCu9ajZJc
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 14:43:52 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"6b5715aea4fadbf02bc9027bbb257f4e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Thu, 01 Apr 2021 11:51:21 GMT
x-amz-cf-id: ZzHGXggTYZnQd8d5E6OGWAcgEErmNZr9Eto-puvoGZPpv-YBgZnzyQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5773
date: Thu, 01 Apr 2021 10:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 01 Apr 2021 12:15:07 GMT

GET
H2 200 fb@0x.png
blog.blazeinfosec.com/assets/images/ 234 B
583 B 38ms
24ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/fb@0x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

081a13349223c39223c429f06b8e2e46a34d847c88b2c41bf73bf0cf984d9759

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68092
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 234
cf-request-id: 092edf1ee400002b229f2e2000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"2d4-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8GyoAtjO77tFLAEST%2BT9ak9mtUo%2FVPQ4VKR2OR1yNzolEwaM3633vyZcur63EKmAd8DpmnjRMNc0SMF1IqVSrgoswlboJOiYkXqYKD1yJ3QIDpqp%2BZJR0x1u2RLSqR0kCFE%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=724
accept-ranges: bytes
cf-ray: 63919ade3d362b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 in@0x.png
blog.blazeinfosec.com/assets/images/ 283 B
672 B 28ms
19ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/in@0x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

408c9fbac27923872d82337a2f38346124f00149b48c1b20fe8f0980220f1d67

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68092
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 283
cf-request-id: 092edf1ee400002b22ae0e4000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"30f-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f6oi3YQG7fJRT1ks2NSvXMCgSOh0J%2FADTrxj3iBL14Pin0I%2FLBddoVLi0Dw6wEXQ7v%2BXAAY60VZOSOo0fJUL7iVRpAonui52QE1pka9eOXeo%2Bj%2FSla4IgIEsSrOrzA8TPS0%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=783
accept-ranges: bytes
cf-ray: 63919ade3d372b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 tw@0x.png
blog.blazeinfosec.com/assets/images/ 334 B
725 B 55ms
45ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/tw@0x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5095e9c6a2212749cdf3decb25dc773b5b574161c30f6cc2c5060b28b96bc45a

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 68092
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 334
cf-request-id: 092edf1ee400002b22a4933000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"379-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zAKFKRjqtBCjhJkVqjfpKics55LMqbhXQuuhyLxrrfg1fgmD4UCcZip%2BByAaAPa8E%2B%2Bxl9LfyF4Tc2jyYZ6pPdmQnAjCvnwxHCdtAKqieiK3WxH%2FTcBKINNo1JGzH5ZxrSw%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=889
accept-ranges: bytes
cf-ray: 63919ade3d382b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fb@1x.png
blog.blazeinfosec.com/assets/images/ 390 B
729 B 29ms
22ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/fb@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e4220fe35c1275af8eb4b1bda9c3921829e272d2749e6e3003122135bec64e29

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 390
cf-request-id: 092edf1ee500002b22ba368000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"2f6-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Qy2OUQeUs%2BELcCLShx2wZvpVOVmEZLbCabmPj8W2fcvMuflBHRM1WjocxKSZyvzyrCYDX6oaQhe413e58gmTdMpgfbAlBWmn%2FrKL0o8HAzWIPc6IpyqM7DSN8luhj%2BFYso%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=758
accept-ranges: bytes
cf-ray: 63919ade3d392b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 in@1x.png
blog.blazeinfosec.com/assets/images/ 452 B
1 KB 33ms
24ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/in@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a101b0f097ff7253e2cce94ba8822e37dc7febc3e76c7ed4020bed5dabf29859

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 452
cf-request-id: 092edf1ee500002b22e890e000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"35a-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pcPfbWQ1ejXeb1qGRgr84lvYoGD9QaQc0sud6UGcjZJ72z94l28%2FfZ3GfRcHMYQ%2FI4S1oCCavz4twgne6QSYZjHEYuUq1UBwVZ7jzxAvpG%2FSXbGF6P3UUraP7Rjtx0Rm4Eo%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=858
accept-ranges: bytes
cf-ray: 63919ade3d3b2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 tw@1x.png
blog.blazeinfosec.com/assets/images/ 503 B
828 B 30ms
22ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/tw@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

86998c44dd7cc2caaeb766bf87ecaaf25bb4d78e7d0faca006dab099de110777

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 503
cf-request-id: 092edf1ee500002b22c4165000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"3c1-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ylukdwXJGwfJ37B3B9Gs3EWGM%2B2u7CAWWFBxqnRSciX8sUrrWt4C8mwPbNznejy40DNYljtelRhMXAcYBI1EaNRD1M82iFNf34VrPADEwzqVf8RGDmJPVP%2FDHoKfiwPiwOQ%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=961
accept-ranges: bytes
cf-ray: 63919ade3d3c2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 git@2x.png
blog.blazeinfosec.com/assets/images/ 2 KB
2 KB 81ms
73ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/git@2x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a4bf1dd367dab7acd00f1ce2e5b84b400032cfe95c6e59a4cc0ffcb197e28c78

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 506309
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 2032
cf-request-id: 092edf1ee500002b22d3a5a000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"e82-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G3AIUpxwrwTFosICg%2BjvB79k9rz1DghVUpQeqmBPS%2BPrvdcQM%2BfuQhv7rinYBn2rEReKetJTwEoCpPTbYHFMp0TLTQCxpM7V8oooX20ufjn77hX3avGzxdf8oxRS3czBiU0%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=3714
accept-ranges: bytes
cf-ray: 63919ade3d3d2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dinpro-regular-webfont-webfont.woff
blog.blazeinfosec.com/assets/fonts/ 21 KB
21 KB 28ms
22ms Font
application/font-woff 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.blazeinfosec.com/assets/fonts/dinpro-regular-webfont-webfont.woff

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

03dc76e70064823e2f16dd4cc29a47e161db1a9c330c4aaa7e18e7da055ca804

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Origin: https://blog.blazeinfosec.com
Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3760
x-powered-by: Express
cf-request-id: 092edf1ee400002b228e108000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"54fc-16e5e0c3801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G2blJOckiJnr5vIlIsKf3PkZhgnwRVTfsDB6%2F14VyFz8NQfLqbWaZQSuiA7iM8xxTrp9HztEeiHBWXl42LUYb2cGaGWde0mcg91RPJi0IxJf8STEy25MBVR7ZKCalLUAFfA%3D"}],"max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31536000
cf-ray: 63919ade3d342b22-FRA

GET
H2 200 loader.gif
blog.blazeinfosec.com/assets/images/ 14 KB
15 KB 24ms
24ms Image
image/gif 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/loader.gif

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5094ee38252c8f17139ed8e7c84b69bac4e00f16cd534730ec848177ce156227

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/assets/css/style.css?v=7e1f585c5d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2056499
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 14820
cf-request-id: 092edf1f4700002b228f32b000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"45e0-16e5e0c37fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ejVHQyLrYaTgzIGnxKZKzYa1GYjIRYzZP83thAU0J02nzFCBrfSYbKciarbRIi1ir8xWHF8g6112Csu1LyO3yVG7A8SWZoMbjkB4U%2BSCN9YWQxRTT3Y8EMt7Lzfn%2BZX5drE%3D"}],"max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
cf-polished: origSize=17888
accept-ranges: bytes
cf-ray: 63919adeddff2b22-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 199 KB
60 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=2978cee7f441a9568e51d2cc1a60d3b3&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

618ce049e9be1a109c8ad380a89cbc0c77698f5a2f8dc2f5168739317578aa3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://blog.blazeinfosec.com
Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 49L5u32G/uFgOL3uKpyEOA==
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Apr 2022 10:55:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61295
x-fb-rlafr: 0
x-fb-debug: F2b6LuZsm7XrOhdeRB9PBi0VKeHCVNQJniBEAAn4niIOlprcmV/fX97v9em27fWGgFxeaXIPS7vMqjnVUIQBng==
x-fb-trip-id: 1425083115
x-fb-content-md5: bf166011df16f490b62d11b159e39b57
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 01 Apr 2021 11:51:20 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "118d0cf77260386cf40add85521c131a"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1620427613&t=pageview&_s=1&dl=https%3A%2F%2Fblog.blazeinfosec.com%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&ul=en-us&de=UTF-8&dt=What%20you%20see%20is%20not%20what%20you%20get%3A%20when%20homographs%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1772051663&gjid=661366364&cid=581318116.1617277880&tid=UA-76140348-1&_gid=1831927063.1617277880&_r=1&_slc=1&z=1434926110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:51:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.blazeinfosec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1620427613&t=pageview&_s=1&dl=https%3A%2F%2Fblog.blazeinfosec.com%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&ul=en-us&de=UTF-8&dt=What%20you%20see%20is%20not%20what%20you%20get%3A%20when%20homographs%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1967948521&gjid=518759951&cid=581318116.1617277880&tid=UA-145705186-4&_gid=1831927063.1617277880&_r=1&gtm=2ou3o0&z=550630284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Apr 2021 11:51:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.blazeinfosec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame 4C82 354 KB
52 KB 32ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 65937
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:32:23 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame 4C82 162 KB
162 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165659
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 base.js
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 4C82 787 KB
0 32ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633079
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame 4C82 8 KB
8 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C82 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 576595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 25 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame 0922 354 KB
52 KB 31ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 65937
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:32:23 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame 0922 162 KB
162 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165659
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 base.js
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 0922 751 KB
0 26ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633079
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame 0922 8 KB
8 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0922 15 KB
15 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 576595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 25 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 hufnGQWx45k Show response
www.youtube.com/embed/ Frame 4C82 50 KB
21 KB 93ms
86ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Requested by

Host: sc.lfeeder.com
URL: https://sc.lfeeder.com/lftracker_v1_lYNOR8xeP1g7WQJZ.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be3e1e55b2a8c9dc17e87e448a09fd01e1053b7af52a4b12fa809479f619d76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=Cira3yaaX9U; VISITOR_INFO1_LIVE=pdAn-FSwTQA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:51:20 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+940; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 jJKfL8ME6lQ Show response
www.youtube.com/embed/ Frame 0922 50 KB
21 KB 93ms
87ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Requested by

Host: sc.lfeeder.com
URL: https://sc.lfeeder.com/lftracker_v1_lYNOR8xeP1g7WQJZ.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa370c72f02112bcc13707e385526da7a4c1c3770fb1646b79ed841613093c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=Cira3yaaX9U; VISITOR_INFO1_LIVE=pdAn-FSwTQA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Apr 2021 11:51:20 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+160; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 big-lupa@1x.png
blog.blazeinfosec.com/assets/images/ 551 B
892 B 19ms
19ms Image
image/png 2606:4700:20::681a:8f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.blazeinfosec.com/assets/images/big-lupa@1x.png

Requested by

Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b3b15bfcf9d5d85454ac8e7f87237f3b27cc4b9e250480097bd8a5f55b3897a4

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 76440
x-powered-by: Express
strict-transport-security: max-age=63072000
content-length: 551
cf-request-id: 092edf1fb500002b227f228000000001
public-key-pins: pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
last-modified: Tue, 12 Nov 2019 05:18:09 GMT
server: cloudflare
etag: W/"3c6-16e5e0c37f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cZ4ZTbzFfMFZia9jUGcbvKBPpCntEs36nwjXjxm0At4FOqBarR6fyhNDi0fP%2FseZFjryPdyIBiJzdKLe%2FIp3888f3jn7%2BVsZmWfRxciqnzi3Q0c6UHEWespo%2FlwFKENUTLA%3D"}],"max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-polished: origSize=966
accept-ranges: bytes
cf-ray: 63919adf8f202b22-FRA
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame 4C82 354 KB
52 KB 9ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 65937
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:32:23 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame 4C82 162 KB
162 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165659
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 4C82 2 MB
2 MB 16ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633079
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame 4C82 8 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4C82 15 KB
15 KB 39ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 576595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 25 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 www-player-webp.css
www.youtube.com/s/player/4ad4b014/ Frame 0922 354 KB
52 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 65937
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53213
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:32:23 GMT

GET
H3-Q050 200 www-embed-player.js Show response
www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/ Frame 0922 162 KB
162 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165659
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 base.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 0922 2 MB
2 MB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633079
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/ Frame 0922 8 KB
8 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0922 15 KB
15 KB 39ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 576595
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 25 Mar 2022 19:41:25 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4C82
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
297 B

61ms
47ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31b6454e493b57815de6ec9de774f38a9378ce7b22e597dbaaef9de9ba38814a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Apr 2021 11:51:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4C82 29 B
407 B 25ms
5ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 616
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:56:04 GMT

GET
H3-Q050

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 0922
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
921 B

59ms
46ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9e0a8dda6c02cebe0d7b6ce9ebbf735a949a4e7366c80f19a881af2d4186bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 01 Apr 2021 11:51:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0922 29 B
394 B 34ms
20ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:41:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 616
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:56:04 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 4C82 97 KB
97 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66029
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99077
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H2 200 CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js Show response
www.google.com/js/th/ Frame 4C82 33 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a4d32a15afcb283e48a1fd6653a18d9ae662998c98381a8a76d8872a3a124a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 94688
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12601
x-xss-protection: 0
expires: Thu, 31 Mar 2022 09:33:12 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 4C82 24 KB
24 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66030
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24206
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
DATA 200
OK truncated
/ Frame 4C82 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjwZkze5bwWyO0TkLu_eRQyuWtxYCWYXoNZsc_u=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4C82 3 KB
3 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjwZkze5bwWyO0TkLu_eRQyuWtxYCWYXoNZsc_u=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

473cba18dfee504f58646b70c2d37e9d468d14af4dbb4fd1ae9037f3d435ee5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:17:24 GMT
x-content-type-options: nosniff
age: 2037
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2757
x-xss-protection: 0
server: fife
etag: "v2c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 29 Mar 2021 12:57:18 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/hufnGQWx45k/ Frame 4C82 27 KB
28 KB 25ms
6ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/hufnGQWx45k/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a381fa67bf183e3a3223c48f56299cd4c0a14cfe39d4ecfbc4a7445a2f3204b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:22:26 GMT
x-content-type-options: nosniff
server: sffe
age: 1735
etag: "1570209515"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27956
x-xss-protection: 0
expires: Thu, 01 Apr 2021 13:22:26 GMT

GET
H3-Q050 200 remote.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 0922 97 KB
97 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66030
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99077
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
H3-Q050 200 CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js Show response
www.google.com/js/th/ Frame 0922 33 KB
13 KB 37ms
22ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a4d32a15afcb283e48a1fd6653a18d9ae662998c98381a8a76d8872a3a124a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 09:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:00:00 GMT
server: sffe
age: 8997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12601
x-xss-protection: 0
expires: Fri, 01 Apr 2022 09:21:24 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/ Frame 0922 24 KB
24 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 17:30:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 00:20:10 GMT
server: sffe
age: 66030
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24206
x-xss-protection: 0
expires: Thu, 31 Mar 2022 17:30:51 GMT

GET
DATA 200
OK truncated
/ Frame 0922 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 AAUvwnjwZkze5bwWyO0TkLu_eRQyuWtxYCWYXoNZsc_u=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0922 3 KB
3 KB 27ms
14ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjwZkze5bwWyO0TkLu_eRQyuWtxYCWYXoNZsc_u=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

473cba18dfee504f58646b70c2d37e9d468d14af4dbb4fd1ae9037f3d435ee5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:17:24 GMT
x-content-type-options: nosniff
age: 2037
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2757
x-xss-protection: 0
server: fife
etag: "v2c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 29 Mar 2021 12:57:18 GMT

GET
H3-Q050 200 sddefault.webp
i.ytimg.com/vi_webp/jJKfL8ME6lQ/ Frame 0922 23 KB
23 KB 36ms
19ms Image
image/webp 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jJKfL8ME6lQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efbb333220cec6489fe329b5708ed49c63db9b48b45a5a8ab455910c3d6eb12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:22:26 GMT
x-content-type-options: nosniff
server: sffe
age: 1735
etag: "1570209456"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23598
x-xss-protection: 0
expires: Thu, 01 Apr 2021 13:22:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4C82 4 KB
2 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:51:21 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 4C82 0
38 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?fykTlg
Requested by: Host: blog.blazeinfosec.com
URL: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0922 4 KB
2 KB 62ms
46ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:51:21 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame 0922 0
13 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?-8iEQA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 11:51:21 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

feedback.php Show response
www.facebook.com/plugins/ Frame 8432
Redirect Chain

https://www.facebook.com/v2.6/plugins/comments.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog....
https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog....

33 KB
11 KB

54ms
54ms

Document
text/html

2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=2978cee7f441a9568e51d2cc1a60d3b3&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91c077a0c9fe42630016bebb10b47741f00268d91ba4bf5601ebe4150e30347e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://blog.blazeinfosec.com/what-you-see-is-not-what-you-get-when-homographs-attack/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: D7N/AiAnpxR6fNFo6QMC9GPktcMP9s/OrJpZJoSqX2IGj+LN89Ptgn15Siww4TTC8Kdyq8cMnwRo6EDNfzbozw==
date: Thu, 01 Apr 2021 11:51:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: SAUIgmzn9oIZrsQ9o2xVhjt1a8Hv7Fr7U2lhuFQcRMJCvPmnkTOXXZ6gSDbCHL506PEWt3ieCMEDHPH0tGlnaA==
content-length: 0
date: Thu, 01 Apr 2021 11:51:21 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 oVAcAegKflF.css
www.facebook.com/rsrc.php/v3/y7/l/0,cross/ Frame 8432 128 KB
21 KB 14ms
13ms Stylesheet
text/css 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y7/l/0,cross/oVAcAegKflF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a455ef9fc10f43ca155a76039456aba9ee5fee3c8f15fdba9ee835ef5fc9b93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 2oTqH38CRkWsEJe3clreh9LJfI/N3kCfN7yG1bWNbUkzlrZZ1QvzQt/Uk8TtdbMnk07Q2sv5/dn8jXDXT3W3hw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: BPIpsac+5rtVYmWWIFv+/A==
date: Mon, 22 Mar 2021 08:21:36 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20864
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 08:21:36 GMT

GET
H2 200 uktFqoSGNQ2.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame 8432 271 KB
72 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/uktFqoSGNQ2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fdeddda6872052e957921cb5ed1ac9f5af08dd6ac35ca43949ae87723b6dd0b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pCjAYLlojt/uXEJZVbmbngeQ6fWdMUzxDv1w+WyFLKiS91XWMZ0POy0fQMtKZLJnD9i7wgu5MaQTXZ5BHnBHyw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: q9xfnxe2jJcyK6cZDxflng==
date: Tue, 30 Mar 2021 16:19:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 73695
x-fb-rlafr: 0
expires: Wed, 30 Mar 2022 16:19:39 GMT

GET
H2 200 kYu80yBtmN4.js Show response
www.facebook.com/rsrc.php/v3i5VZ4/yW/l/pt_BR/ Frame 8432 164 KB
46 KB 40ms
39ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i5VZ4/yW/l/pt_BR/kYu80yBtmN4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adbcda5842d083d6f8ca86b781b0387d65d33ac3d9ac214d109685290678a880

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:53:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zoi/D6VUkCMsvnRIaHnJ8Q==
cross-origin-resource-policy: cross-origin
content-length: 46652
x-fb-rlafr: 0
x-fb-debug: TrgZ8/3penFRDiNKvy8Q7iXbW00cYv5iVOmQU9elMk4rAyUaoiUpeiW4l7OfL+ePGr074PSDPb8oFEE6C+2Y+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Mar 2022 23:53:21 GMT

GET
H2 200 ZrpanCibfV5.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame 8432 26 KB
8 KB 13ms
13ms Script
application/x-javascript 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ZrpanCibfV5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yl/r/uktFqoSGNQ2.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad8f48afb99f28b746bbe2a7b673067ee0b0f504575c315ffed6b6bdc85698a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: B/9QP8L0e/iCSG+MiELvixoLTTnHHcu5O9BlsOylaA45cgAL8rda/QxFTB1OrVg0UNn75Ci4T+qY0Mdp8enLeA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 0sQkzPMitHEyZHh4DiJ7GA==
date: Mon, 29 Mar 2021 17:02:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8434
x-fb-rlafr: 0
expires: Tue, 29 Mar 2022 17:02:44 GMT

GET
H2 200 2SDcuA46T2r.css
www.facebook.com/rsrc.php/v3/yV/l/0,cross/ Frame 8432 60 KB
13 KB 14ms
13ms Stylesheet
text/css 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/l/0,cross/2SDcuA46T2r.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yl/r/uktFqoSGNQ2.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd8250a439767cef76a08b601fa5dfcad6e6179e1d7613595ec0055baef234b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=168427303224528&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df367ac308bbe53c%26domain%3Dblog.blazeinfosec.com%26origin%3Dhttps%253A%252F%252Fblog.blazeinfosec.com%252Ff2a49eb852fcc84%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwhat-you-see-is-not-what-you-get-when-homographs-attack%2F&locale=pt_BR&numposts=5&sdk=joey&version=v2.6&width=550
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:49:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vQCIjrKT1usWngVkZa0zfQ==
cross-origin-resource-policy: cross-origin
content-length: 12698
x-fb-rlafr: 0
x-fb-debug: BeZSWZjDNUZPmMAHFzuVg/oTTIwIkdSqYt54P7QhH8z7xBFY6zWBfC77jAHnKdL4dbkzLmx5gp051ISwQXr9Tg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 31 Mar 2022 18:49:03 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4C82 28 B
266 B 31ms
31ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/hufnGQWx45k?enablejsapi=1&origin=https://blog.blazeinfosec.com
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwZEFuLUZTd1RRQSi455aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617277880543&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKrvCiS3z7FDcWmuqlG7yqXFjujb7pfyo8WGyZvPRgyC94tjtNbBEvyT7Wfn_kPte-5GpGMlDDKzHgsjyHJpWsfwuN6Wsg

Response headers

date: Thu, 01 Apr 2021 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:51:31 GMT

POST
H3-Q050 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0922 28 B
246 B 18ms
17ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4ad4b014/www-embed-player.vflset/www-embed-player.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jJKfL8ME6lQ?enablejsapi=1&origin=https://blog.blazeinfosec.com
X-YouTube-Client-Version: 1.20210330.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtwZEFuLUZTd1RRQSi455aDBg%3D%3D
X-YouTube-Ad-Signals: dt=1617277880549&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKodl4dyqF-2srhMk6uezS7TuKide7wtmOXNGuwwy_qPP2l93PeeCaC_9t5UoL8LWqtwYBlGGCVpxUBJWDshQUH6rplqXA

Response headers

date: Thu, 01 Apr 2021 11:51:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 01 Apr 2021 11:51:31 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 21:33:49	Name: VISITOR_INFO1_LIVE Value: pdAn-FSwTQA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Cira3yaaX9U
.blazeinfosec.com/	1970-01-19 17:14:37	Name: _gat Value: 1
.blazeinfosec.com/	1970-01-20 10:45:49	Name: _ga Value: GA1.2.581318116.1617277880
.blazeinfosec.com/	1970-01-19 17:14:37	Name: _gat_gtag_UA_145705186_4 Value: 1
.blazeinfosec.com/	1970-01-19 17:16:04	Name: _gid Value: GA1.2.1831927063.1617277880
.blazeinfosec.com/	1970-01-19 17:57:49	Name: __cfduid Value: d9a42b2c698232622305ee0db2fe36f501617277879

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Public-Key-Pins	pin-sha256="amMeV6gb9QNx0Zf7FtJ19Wa/t2B7KpCF/1n2Js3UuSU="; pin-sha256="tUzPsvKmIOFQV/AYWII/pRAAt9UKrYuBkkAav1dsuuE="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.blazeinfosec.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
sc.lfeeder.com
static.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
2600:9000:2127:1400:1f:f723:6fc0:93a1
2606:4700:20::681a:8f5
2a00:1450:4001:800::2016
2a00:1450:4001:801::2006
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
03dc76e70064823e2f16dd4cc29a47e161db1a9c330c4aaa7e18e7da055ca804
081a13349223c39223c429f06b8e2e46a34d847c88b2c41bf73bf0cf984d9759
09a4d32a15afcb283e48a1fd6653a18d9ae662998c98381a8a76d8872a3a124a
1076e5d4a0149204909d68d3cb0315d95018af603a5ddc17efecd66d6dfcd359
139c9bbc9c730923c785742fc23c705b5ef405cb78cf45942603668c6073d74a
177921fd5a1b694b422aab1f4dcb4ef3c82f4ad15815f2fbd2c73324745bb842
1ab5448dbcfc8048e73a361b3fed492c6e223e791cb89117d37a082210f68154
1da39309b5e5f2f7f8fb6e9a26c297a07f49a276e93c6f779de84cd9d7af75d5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
290714822395f985081e4c9f9156e76907285730057975c705edbbf3ee8e84f6
2a263573dc618b7d7af89763f3f4a655e137d1a376f40766367adf10e241ba41
31b6454e493b57815de6ec9de774f38a9378ce7b22e597dbaaef9de9ba38814a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408c9fbac27923872d82337a2f38346124f00149b48c1b20fe8f0980220f1d67
473cba18dfee504f58646b70c2d37e9d468d14af4dbb4fd1ae9037f3d435ee5b
4cd4bde868a79b5933f507b22d2b9cf4c567c0d9c27e82c54fdf1de54aee0176
5094ee38252c8f17139ed8e7c84b69bac4e00f16cd534730ec848177ce156227
5095e9c6a2212749cdf3decb25dc773b5b574161c30f6cc2c5060b28b96bc45a
50aa9be7374adffac144ef3fa33c34732378e1afe5e27fd613da3fe0bf948a94
561e2cc2ff84be0897fc18138575f4c31aaa1afd52731d70949eed5fcd513156
56f048c95f0a1d5a78704d93885cf3b397251bfb49846bc78ec3a9569363542f
57db7c30f078e938726a32d3a5aff71baf49257212a84da2e582d7f653a5c117
5990bb13601b5338a0527e611cc0e5ecb8f755ef8e2e4cd6eebdae26e662f993
5f10c5fdbfa7c10193ec0ee2710cf39468fdf8f505e6d67db0714bb0be1d74a1
618ce049e9be1a109c8ad380a89cbc0c77698f5a2f8dc2f5168739317578aa3b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2719adc9d8753b92019d4615a2d1d056abe9a2a877fd9280e53127bdde2ec3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7471202daae50c1b426da69342e5e52dbf519a2620d281edbfdd87dce0c9fbf2
86998c44dd7cc2caaeb766bf87ecaaf25bb4d78e7d0faca006dab099de110777
88b35dcf880d46402d4c72969fe680c114b1b3c3c1af8b7ae255ff52bd894752
8ad8f48afb99f28b746bbe2a7b673067ee0b0f504575c315ffed6b6bdc85698a
8b098d9f9df9e378a07c52dc1bbdbb028ee68d244043412920a76464bdc1b292
8e108484e389192657b7cffc8af7c7777c342008ce31a94c01e6ef572eb4d8ff
91c077a0c9fe42630016bebb10b47741f00268d91ba4bf5601ebe4150e30347e
9aa1a010fe9db185698103f8c7254f5a9180ab6677d2695f991775c0f5d389fb
9d9b2346d34d2ab5629db82323f4c08d00a1b0fa6cdb57397173ba0d4c8ecc59
9f3629f309a5833f35d2c0252925d6a8b0ce7ce5baaed3009962ebb22327d250
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a101b0f097ff7253e2cce94ba8822e37dc7febc3e76c7ed4020bed5dabf29859
a381fa67bf183e3a3223c48f56299cd4c0a14cfe39d4ecfbc4a7445a2f3204b6
a455ef9fc10f43ca155a76039456aba9ee5fee3c8f15fdba9ee835ef5fc9b93a
a4bf1dd367dab7acd00f1ce2e5b84b400032cfe95c6e59a4cc0ffcb197e28c78
a6c16e394bf8ffd3a9a3a16e1658959b1340671f580d2ba3bd4159325edb73d0
a790e86fdf02f5a11647b65fe421110e47b8040ce196df017a7497d939bf25f1
a97aa143a8e6cf304882c8cfd73e1028425a295ce22e21ddcad58026a718b27a
adbcda5842d083d6f8ca86b781b0387d65d33ac3d9ac214d109685290678a880
adf171d49a94ee367ac5725181a5e83dce51fed9aa192496cc01d91fa85a961e
b3b15bfcf9d5d85454ac8e7f87237f3b27cc4b9e250480097bd8a5f55b3897a4
b9e0a8dda6c02cebe0d7b6ce9ebbf735a949a4e7366c80f19a881af2d4186bc4
be3e1e55b2a8c9dc17e87e448a09fd01e1053b7af52a4b12fa809479f619d76d
c18c685fca90cf10ee7e46c0345d01031df266ccc22b6bb4eb778c631a55d5f4
c90747e89520db004fcb0a49dc63bcbb65aac4abc340709e520926d6823336a8
cd8250a439767cef76a08b601fa5dfcad6e6179e1d7613595ec0055baef234b3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4220fe35c1275af8eb4b1bda9c3921829e272d2749e6e3003122135bec64e29
eb24bae1404ae2ee4dc8633ff1aed1e634994dc57bd06b3acffecbc29d071e1d
eccd9d82356daa470ee0cbcd896661c78d291e75f75198a43b77694ef307041e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efbb333220cec6489fe329b5708ed49c63db9b48b45a5a8ab455910c3d6eb12e
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa370c72f02112bcc13707e385526da7a4c1c3770fb1646b79ed841613093c29
fdeddda6872052e957921cb5ed1ac9f5af08dd6ac35ca43949ae87723b6dd0b5
fee5bd3b52e7c28c4cafad35d628c5830ac635a22c0db83a4e94fe4a39b58549
ff7c449ce793438eb4bad2682bc26200baab4a588374ced0c5b50550f85f8f41

blog.blazeinfosec.com Open in urlscan Pro 2606:4700:20::681a:8f5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

100 %IPv6

12 Domains

14 Subdomains

16 IPs

2 Countries

16729 kBTransfer

20639 kBSize

7 Cookies

29 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.blazeinfosec.com Open in urlscan Pro
2606:4700:20::681a:8f5 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

100 %
IPv6

12
Domains

14
Subdomains

16
IPs

2
Countries

16729 kB
Transfer

20639 kB
Size

7
Cookies

90 HTTP transactions
2 data transactions