berntsen-rhodes.federatedjournals.com Open in urlscan Pro
104.21.54.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Submission: On January 24 via manual (January 24th 2023, 11:10:29 am UTC) from SC — Scanned from NZ

Summary HTTP 47 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 104.21.54.102, located in and belongs to CLOUDFLARENET, US. The main domain is berntsen-rhodes.federatedjournals.com.
TLS certificate: Issued by E1 on November 18th 2022. Valid for: 3 months.

This is the only time berntsen-rhodes.federatedjournals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	104.21.54.102 104.21.54.102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.194.95 172.217.194.95	15169 (GOOGLE) (GOOGLE)
2	199.232.46.208 199.232.46.208	54113 (FASTLY) (FASTLY)
9	74.125.200.190 74.125.200.190	15169 (GOOGLE) (GOOGLE)
2	142.250.4.147 142.250.4.147	15169 (GOOGLE) (GOOGLE)
3	74.125.68.94 74.125.68.94	15169 (GOOGLE) (GOOGLE)
1	104.238.222.52 104.238.222.52	23470 (RELIABLESITE) (RELIABLESITE)
1	42.99.140.216 42.99.140.216	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
7	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
1	172.217.194.120 172.217.194.120	15169 (GOOGLE) (GOOGLE)
1 2	172.217.194.155 172.217.194.155	15169 (GOOGLE) (GOOGLE)
1	74.125.24.149 74.125.24.149	15169 (GOOGLE) (GOOGLE)
1	142.251.10.95 142.251.10.95	15169 (GOOGLE) (GOOGLE)
1	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
1	74.125.68.119 74.125.68.119	15169 (GOOGLE) (GOOGLE)
2	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
47	17

6 104.21.54.102 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

berntsen-rhodes.federatedjournals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.46.208 (Singapore)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.200.190 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f190.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.238.222.52 (United States)

ASN23470 (RELIABLESITE, US)

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net

coresos.phinf.naver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.120 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f120.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.119 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 maps.googleapis.com — Cisco Umbrella Rank: 350 jnn-pa.googleapis.com — Cisco Umbrella Rank: 188	288 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	829 KB
6	gstatic.com fonts.gstatic.com maps.gstatic.com www.gstatic.com	153 KB
6	federatedjournals.com 1 redirects berntsen-rhodes.federatedjournals.com	41 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 210	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	16 KB
2	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 4204	102 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 90	19 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 233	4 KB
1	naver.net coresos.phinf.naver.net — Cisco Umbrella Rank: 98533	69 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18899	424 KB
47	11

	Domain	Requested by
12	maps.googleapis.com	www.google.com maps.googleapis.com berntsen-rhodes.federatedjournals.com
9	www.youtube.com	berntsen-rhodes.federatedjournals.com www.youtube.com
6	berntsen-rhodes.federatedjournals.com	1 redirects berntsen-rhodes.federatedjournals.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	berntsen-rhodes.federatedjournals.com www.youtube.com
2	images.unsplash.com	berntsen-rhodes.federatedjournals.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	maps.gstatic.com	www.google.com
1	coresos.phinf.naver.net	berntsen-rhodes.federatedjournals.com
1	i.postimg.cc	berntsen-rhodes.federatedjournals.com
1	fonts.googleapis.com	berntsen-rhodes.federatedjournals.com
47	16

This site contains links to these domains. Also see Links.

Domain
federatedjournals.com
www.facebook.com
twitter.com
www.linkedin.com
www.angelhomethai.com
godofredo.ninja

Subject Issuer	Validity	Valid
*.federatedjournals.com E1	`2022-11-18` - `2023-02-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
postimg.cc R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Frame ID: F13F49D6D511D0B38A48F8A3B90997F9
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
Frame ID: 814F86C0A59B34AD9394CD12192BC412
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d101606.47975263363!2d126.88239551640623!3d37.266625099999985!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x357b43210db72241%3A0x478cb2d6220dbcff!2z7IiY7JuQ7Lac7J6l66eI7IKs7KeA!5e0!3m2!1sko!%20%3Ca%20href=
Frame ID: 74B010572F2FB3BB42B6E39DA0CBBEEA
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

평택 출장마사지를 받으면 몸에 도움이 됩니다.

Page URL History Show full URLs

https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735 HTTP 301
https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

47
Requests

96 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

17
IPs

4
Countries

1947 kB
Transfer

5037 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://federatedjournals.com/
Title: Federated Journals

Search URL Search Domain Scan URL

URL: https://federatedjournals.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ghost

Search URL Search Domain Scan URL

URL: https://twitter.com/ghost

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=%ED%8F%89%ED%83%9D%20%EC%B6%9C%EC%9E%A5%EB%A7%88%EC%82%AC%EC%A7%80%EB%A5%BC%20%EB%B0%9B%EC%9C%BC%EB%A9%B4%20%EB%AA%B8%EC%97%90%20%EB%8F%84%EC%9B%80%EC%9D%B4%20%EB%90%A9%EB%8B%88%EB%8B%A4.&url=https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/&title=%ED%8F%89%ED%83%9D%20%EC%B6%9C%EC%9E%A5%EB%A7%88%EC%82%AC%EC%A7%80%EB%A5%BC%20%EB%B0%9B%EC%9C%BC%EB%A9%B4%20%EB%AA%B8%EC%97%90%20%EB%8F%84%EC%9B%80%EC%9D%B4%20%EB%90%A9%EB%8B%88%EB%8B%A4.

Search URL Search Domain Scan URL

URL: https://www.angelhomethai.com/pt
Title: 평택출장마사지

Search URL Search Domain Scan URL

URL: https://godofredo.ninja/
Title: @GodoFredoNinja

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735 HTTP 301
https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

47 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Redirect Chain

https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735
https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

44 KB
13 KB

558ms
557ms

Document
text/html

104.21.54.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.54.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: aa25b3c149c16936e3a1dba202bfdc013a9376f71532cf5eee2c6f8c1320f98b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 78e8527a4a731c5d-AKL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 24 Jan 2023 11:10:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg5D6y0f%2F3Gazu8tzeuy0STrqg65%2Fk2vmrwOnufrr1b0FK7lHlId9lBEVUQH1rcSczjvyUjKGzlwaC%2FGWrJ9%2B23ANewm9psqKC9XjqFRBuDX7Zs70A8j%2FiY2m6Ku0efaYurNsU2bmPv%2BzSn6fbvAe1BUna4aE0II"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: DYNAMIC
cf-ray: 78e85273ca5e1c5d-AKL
date: Tue, 24 Jan 2023 11:10:21 GMT
location: /pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzBa3QUfjRSeBjTosVByRCsA6dRrJ7QHwfSE2P%2FJMMuxrTlOOjtvsH2JGRBsTE7GgrfCWGGcb%2B749jd1oHOI2sXEHwgJkXeSdUh%2FE3JX6UaJssxu5AksEqYfTc7GcOTMWla%2F%2B23Wg%2FfnvvucKW43HxcxrIRWUVU%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 823ms
278ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

ESF /

Resource Hash

faf34e1ed712a796a6c4c31623402245d16c7be043004e68a8e121f9a371f785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Jan 2023 11:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 11:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Jan 2023 11:10:22 GMT

GET
H3 200 main.css
berntsen-rhodes.federatedjournals.com/assets/styles/ 44 KB
11 KB 428ms
427ms Stylesheet
text/css 104.21.54.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berntsen-rhodes.federatedjournals.com/assets/styles/main.css?v=9d84f9fccf
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f8cc662191e0110205bbcb47df600abbeb50f3332ddb33739d795f49a7118959

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 30 May 2022 20:38:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"afdf-18116b13fe7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMx4KpsSlS3nZ6TjC1Pl%2FLd4fPsuPT3qQRuVjXxI8odyswSVs93qa2MgOXXzrkQSu1AoEfAQ%2B7An1NvpAChUphzZLisq66HeXjVbhCrHmR%2BuQvexvLqLUbLifizdK1shpmsK6SVlhvTTtJv%2Br7FEwrsd3TnS%2FS3U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 78e8527dccd71c4c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cards.min.js Show response
berntsen-rhodes.federatedjournals.com/public/ 7 KB
2 KB 1031ms
1030ms Script
application/javascript 104.21.54.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berntsen-rhodes.federatedjournals.com/public/cards.min.js?v=9d84f9fccf
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"9e5964261251e02cc1d6dfb44e28481f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7js2CZpXb%2Fzi%2FW5qL7UXTRBpKu%2BBJWpke7J4lNDt%2FNskWIeZudtXJ%2FhKpbCas6Bx9Nf%2FTp%2BEeqIX0HKOZpcWgxMK3oLcXB1ktYs1nELL8DCP%2FWn97x5uq7Ucvi4xUUkdzIf6YK0RcWCa9YlR7H%2FnXaFX2HrfmjNu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 78e852807fe11c4c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cards.min.css
berntsen-rhodes.federatedjournals.com/public/ 24 KB
5 KB 1035ms
1035ms Stylesheet
text/css 104.21.54.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berntsen-rhodes.federatedjournals.com/public/cards.min.css?v=9d84f9fccf
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9e692a13239c25f564ca4e0c3f878ae6f3ffe1faa861581a61d1b2e3d2682407

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:23 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"14afe209771f42a09ce98eb4029464f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3y8cqR2TChlC6Kb6TT%2Fx0h%2BMfNJFZyS9V%2BlDOHgU%2FUZSWXkmEpRAVJkXT%2BjMyUyA%2BYVu7xOIlpsVU%2FJ8nldBSahWWHQVZIWsnXsYAReu0jOeviWJY0ptxJljWR%2Bsr9mPgYlvIUKPHREx45GWBX2Y6u6DrmD1FRY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 78e8527dccd81c4c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 photo-1559752160-bdad0b5e2161
images.unsplash.com/ 27 KB
27 KB 965ms
492ms Image
image/jpeg 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1559752160-bdad0b5e2161?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=400&ixid=MnwxfDB8MXxyYW5kb218MHx8ZmFjZXx8fHx8fDE2NzM3ODE1Mzk&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=400

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c7ab89f7934a2ff42f92c3b88afd763e7fefbaae51db7b941eea3a0ec8a3be46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-imgix-render-farm: 01.592
date: Tue, 24 Jan 2023 11:10:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 11:17:14 GMT
server: imgix
age: 4233190
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: e00c9fdc051b717ec428356dc2271ada978406e5
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 27470
x-served-by: cache-sjc10080-SJC, cache-qpg1236-QPG

GET
H2 200 qZpIRUvRHnQ Show response
www.youtube.com/embed/ Frame 814F 67 KB
28 KB 901ms
353ms Document
text/html 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

ESF /

Resource Hash

c0136e24b42fdc9786600c61c7b6ad040dcb077ad5a49576c7a025e76eafaa26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 11:10:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 embed Show response
www.google.com/maps/ Frame 74B0 4 KB
2 KB 972ms
424ms Document
text/html 142.250.4.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d101606.47975263363!2d126.88239551640623!3d37.266625099999985!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x357b43210db72241%3A0x478cb2d6220dbcff!2z7IiY7JuQ7Lac7J6l66eI7IKs7KeA!5e0!3m2!1sko!%20%3Ca%20href=

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f147.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d854b1691113ada0dbbf80be2a790ec70889236909005a8a02181e3fc43f522e

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-YXToXnl0Kzci4cUlhwmH6g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1438
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-YXToXnl0Kzci4cUlhwmH6g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Tue, 24 Jan 2023 11:10:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
server-timing: gfet4t7; dur=152
vary: Accept-Language Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 photo-1564304220505-daf4fe149c38
images.unsplash.com/ 74 KB
75 KB 708ms
235ms Image
image/jpeg 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1564304220505-daf4fe149c38?crop=entropy&cs=tinysrgb&fit=crop&fm=jpg&h=600&ixid=MnwxfDB8MXxyYW5kb218MHx8cGhvdG98fHx8fHwxNjc0NTQ3NzUx&ixlib=rb-4.0.3&q=80&utm_campaign=api-credit&utm_medium=referral&utm_source=unsplash_source&w=800

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1dc9a40d317acb28b914a5d0dfe256b56cd09a7197299a37417bbadbebeaea7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-imgix-render-farm: 01.592
date: Tue, 24 Jan 2023 11:10:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 09:57:10 GMT
server: imgix
age: 6052394
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 598cfd3b5fea438b0e071180f4bc31863bb0c437
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 76281
x-served-by: cache-sjc10043-SJC, cache-qpg1236-QPG

GET
H3 200 post.js Show response
berntsen-rhodes.federatedjournals.com/assets/scripts/ 24 KB
9 KB 1027ms
1027ms Script
application/javascript 104.21.54.102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://berntsen-rhodes.federatedjournals.com/assets/scripts/post.js?v=9d84f9fccf
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.54.102 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e1764d00d17731f649015560a7e9a4d1c0bc0014866a4f9c02f48c53b4c89c74

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 30 May 2022 20:38:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"5f4f-18116b13fe7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7rcWGoOpvCvfvcL37B2toCsnRmqm41muU3CpUALSbcFFlbdVfCuTc0e5GtgYYQktkl6Q1PnvLqdoUKU8uYa0t8MJ5UIDRjYQgTMDDdj9z1SqqY9snxKNV3FMPl5Ma1Dh4oXGrl%2Fj%2F5CUVjhqomSlw8MMMm%2BBfuM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 78e852807fdf1c4c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 814F 360 KB
49 KB 274ms
273ms Stylesheet
text/css 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:05:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 814F 15 KB
16 KB 820ms
272ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:37:45 GMT
x-content-type-options: nosniff
age: 73958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 14:37:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 814F 15 KB
15 KB 887ms
340ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 22:42:17 GMT
x-content-type-options: nosniff
age: 44886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:42:17 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 74B0 168 KB
55 KB 274ms
273ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d101606.47975263363!2d126.88239551640623!3d37.266625099999985!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x357b43210db72241%3A0x478cb2d6220dbcff!2z7IiY7JuQ7Lac7J6l66eI7IKs7KeA!5e0!3m2!1sko!%20%3Ca%20href=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

mafe /

Resource Hash

8b85ef47ca7ce7621638b031a849064cbe8ed2d373317d1c1373dbb2fc4f2314

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:09:45 GMT
content-encoding: gzip
server: mafe
age: 38
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56016
x-xss-protection: 0
expires: Tue, 24 Jan 2023 11:39:45 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 1054ms
575ms Font
font/woff2 74.125.68.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f94.1e100.net

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://berntsen-rhodes.federatedjournals.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 12:37:24 GMT
x-content-type-options: nosniff
age: 340379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 12:37:24 GMT

GET
H2 200 image.png
i.postimg.cc/2SKDmyXJ/ 424 KB
424 KB 852ms
302ms Image
image/png 104.238.222.52
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/2SKDmyXJ/image.png
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.222.52 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4042fe10b2324bb76f5ea51a7a309a0ddce1d00a5f7b1cfc0e73aee846a0ebb2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:24 GMT
last-modified: Thu, 05 Jan 2023 09:31:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 433936
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2_7fiUd018svcxnokklwy1jro_yts0wm.jpg
coresos.phinf.naver.net/a/307d5h/ 69 KB
69 KB 2428ms
1428ms Image
image/jpeg 42.99.140.216
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coresos.phinf.naver.net/a/307d5h/2_7fiUd018svcxnokklwy1jro_yts0wm.jpg
Requested by: Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-216.pacnet.net
Software: /
Resource Hash: 91ccc5cf744595f8fa1b0cedf92ccf2c4ffd707ead29adca96b0e78aa2388463

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 11:10:26 GMT
Last-Modified: Tue, 24 Jan 2023 11:10:25 GMT
P3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Content-Type: image/jpeg
Cache-Control: max-age=2591989
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 70229
Expires: Thu, 23 Feb 2023 11:10:15 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 814F 342 KB
107 KB 374ms
373ms Script
text/javascript 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:05:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:05:33 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 814F 2 MB
597 KB 274ms
274ms Script
text/javascript 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 414320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611243
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:05:03 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 814F 9 KB
3 KB 768ms
768ms Script
text/javascript 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 02:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 20 Jan 2024 02:31:16 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 74B0 3 B
46 B 904ms
277ms XHR
application/json 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/51/6/intl/en_gb/ Frame 74B0 222 KB
68 KB 899ms
274ms Script
text/javascript 172.217.194.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/51/6/intl/en_gb/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.120 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f120.1e100.net

Software

sffe /

Resource Hash

927347a3f7482e39634264833314a535945e1a96256ace6f1ef80ad1a695a7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69386
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:36:35 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 814F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

274ms
273ms

XHR
application/json

172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f155.1e100.net

Software

cafe /

Resource Hash

0151604b06104e5f6b58d2d388b7a19be6f48a52fe952b3437063333822b7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 24 Jan 2023 11:10:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 814F 29 B
588 B 819ms
273ms Script
text/javascript 74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:08:07 GMT
x-content-type-options: nosniff
age: 138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 11:23:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 822ms
275ms Preflight
text/html 142.251.10.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 11:10:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 814F 67 KB
30 KB 280ms
279ms XHR
application/json+protobuf 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

2a021a46dfc7048b2a3a23a309cf645372048fca5b17768f99ed5a3989d95818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 11:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31129
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 814F 119 KB
36 KB 274ms
273ms Script
text/javascript 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 16:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 413836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37215
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 Jan 2024 16:13:08 GMT

GET
H2 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame 814F 36 KB
14 KB 274ms
272ms Script
text/javascript 142.250.4.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f147.1e100.net

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 20:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 20:49:54 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame 814F 26 KB
8 KB 275ms
273ms Script
text/javascript 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

sffe /

Resource Hash

39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 22 Jan 2023 06:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 188581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8333
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 Jan 2024 06:47:24 GMT

GET
DATA 200
OK truncated
/ Frame 814F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJXdFo_fOHUcM4oL6yTY0ff-XdVetafdsjczMMqr0w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 814F 4 KB
4 KB 820ms
273ms Image
image/jpeg 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJXdFo_fOHUcM4oL6yTY0ff-XdVetafdsjczMMqr0w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

fife /

Resource Hash

adaeb2d791d1e7289c0044d4392e653508e97e1f9ab5d96699ae43e04acea21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 08:53:17 GMT
x-content-type-options: nosniff
age: 8228
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3997
x-xss-protection: 0
server: fife
etag: "v1b8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 25 Jan 2023 08:53:17 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/qZpIRUvRHnQ/ Frame 814F 19 KB
19 KB 822ms
273ms Image
image/webp 74.125.68.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/qZpIRUvRHnQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f119.1e100.net

Software

sffe /

Resource Hash

2ccee3a7957bb31bbc236bbbaae62050902380fc5f7bb6cd6f50c855250f3321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 10:48:39 GMT
x-content-type-options: nosniff
age: 1306
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19018
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jan 2023 12:48:39 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 814F 4 KB
3 KB 826ms
274ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 11:10:26 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 271 KB
76 KB 431ms
430ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

bbeee5045a5e289de2ee33ca8c453f85d79ccbb0b951f2ffe5f00da786145468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77371
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:30:35 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 157 KB
58 KB 273ms
272ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

51170d11b56d3ca82a0d8475d7fa0a89f6476c135b59e2a6fa4ec9ff0585bc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59325
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:30:35 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 75 KB
27 KB 672ms
671ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

7f318fe2bed380515c3409a139d311e4150b52f0fc536cfddcddb733ad3eceaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27375
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:30:36 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 3 KB
1 KB 724ms
724ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

6edde9a4553ca6fcb40d39e3f516eccce24c4aa1213c53a032e432e31d113c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:30:36 GMT

GET
DATA 200
OK truncated
/ Frame 74B0 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 74B0 26 KB
26 KB 750ms
749ms Image
image/png 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i223417&2i101716&2e1&3u10&4m2&1u300&2u150&5m6&1e0&5sen-NZ&6sus&10b1&12b1&14i1379903&client=google-maps-embed&token=76909

Requested by

Host: berntsen-rhodes.federatedjournals.com
URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

616a708eb443cbf5a883c2e5fd9f725d607a767186e1a19fda6652b3758a7515

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:10:25 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=82
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26191
x-xss-protection: 0
expires: Wed, 25 Jan 2023 11:10:25 GMT

GET
H2 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 27 KB
10 KB 722ms
721ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

a543212f60528529154e14b5d50ac8944156f4d90d3f4ca36a072266702d4b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 20:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10011
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 20:30:36 GMT

GET
H2 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/ Frame 74B0 3 KB
1 KB 744ms
743ms Script
text/javascript 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_NZ&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f95.1e100.net

Software

sffe /

Resource Hash

6b05d7e56e2187a7121bb1028d3a96b98ec3f5f20de9d8aa3eaf4d9efe4bdac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 21:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1404
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:59:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 21:10:04 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 814F 94 B
138 B 277ms
277ms XHR
application/json+protobuf 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

f20077c2f6bea9c8760e78ecd6547d5d3b0b379e98eb34f2fb2870ce78e54c5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 274ms
274ms Preflight
text/html 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 24 Jan 2023 11:10:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 74B0 12 KB
2 KB 284ms
283ms Script
text/javascript 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d37.016556844650474&2d126.39400056344338&2m2&1d37.52475580930245&2d127.65630121757894&2u10&4sen-NZ&5e0&6sm%40631000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._7hucvg&client=google-maps-embed&token=9288

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

mafe /

Resource Hash

31ff4e753dc97d0449bdda364faa4932f32a8e7300a61d99fdedc1c553fcdab8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 74B0 62 B
84 B 277ms
277ms Script
text/javascript 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=46778

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

mafe /

Resource Hash

5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 814F 48 KB
14 KB 273ms
272ms Script
text/javascript 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 02:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 25 Jan 2023 02:13:44 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 74B0 62 B
83 B 277ms
277ms Script
text/javascript 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sa4yxm1&10e1&11b0&callback=_xdc_._mqwjf0&client=google-maps-embed&token=62133

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/6/intl/en_gb/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

mafe /

Resource Hash

4b35fc5571cc2c4ba24b419ae07510b5aa392cb93e0579e70bf29104c9969814

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 814F 28 B
50 B 319ms
318ms XHR
application/json 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1674558626815
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt3Nnc5T1E5QUdRbyif-b6eBg%3D%3D
X-YouTube-Ad-Signals: dt=1674558624273&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C680%2C383&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 24 Jan 2023 11:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 814F 28 B
50 B 281ms
281ms XHR
application/json 74.125.200.190
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.200.190 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f190.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1674558628963
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/qZpIRUvRHnQ?t=2
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt3Nnc5T1E5QUdRbyif-b6eBg%3D%3D
X-YouTube-Ad-Signals: dt=1674558624273&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C680%2C383&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 24 Jan 2023 11:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9o0w6mFupJM
.youtube.com/	1970-01-20 13:28:30	Name: DEVICE_INFO Value: ChxOekU1TWpFM05EVXlNalV3TXpJME16RXlNdz09EJ/5vp4GGJ/5vp4G
.youtube.com/	1970-01-20 13:28:30	Name: VISITOR_INFO1_LIVE Value: w6w9OQ9AGQo
.unsplash.com/	1970-01-20 17:54:54	Name: ugid Value: 0e02b5c1b3bba2a60804c7ed5c4f56c25581862

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/(Line 320) Message: Mixed Content: The page at 'https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/' was loaded over HTTPS, but requested an insecure element 'http://coresos.phinf.naver.net/a/307d5h/2_7fiUd018svcxnokklwy1jro_yts0wm.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/ Message: Mixed Content: The page at 'https://berntsen-rhodes.federatedjournals.com/pyeongtaeg-culjangmasajireul-badeumyeon-mome-doumi-doebnida-1674547735/' was loaded over HTTPS, but requested an insecure element 'http://coresos.phinf.naver.net/a/307d5h/2_7fiUd018svcxnokklwy1jro_yts0wm.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

berntsen-rhodes.federatedjournals.com
coresos.phinf.naver.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.postimg.cc
i.ytimg.com
images.unsplash.com
jnn-pa.googleapis.com
maps.googleapis.com
maps.gstatic.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.54.102
104.238.222.52
142.250.4.147
142.250.4.95
142.251.10.95
142.251.12.132
172.217.194.120
172.217.194.155
172.217.194.94
172.217.194.95
199.232.46.208
42.99.140.216
74.125.200.190
74.125.24.149
74.125.68.119
74.125.68.94
0151604b06104e5f6b58d2d388b7a19be6f48a52fe952b3437063333822b7782
1dc9a40d317acb28b914a5d0dfe256b56cd09a7197299a37417bbadbebeaea7b
2a021a46dfc7048b2a3a23a309cf645372048fca5b17768f99ed5a3989d95818
2ccee3a7957bb31bbc236bbbaae62050902380fc5f7bb6cd6f50c855250f3321
31ff4e753dc97d0449bdda364faa4932f32a8e7300a61d99fdedc1c553fcdab8
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4042fe10b2324bb76f5ea51a7a309a0ddce1d00a5f7b1cfc0e73aee846a0ebb2
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b35fc5571cc2c4ba24b419ae07510b5aa392cb93e0579e70bf29104c9969814
51170d11b56d3ca82a0d8475d7fa0a89f6476c135b59e2a6fa4ec9ff0585bc12
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
616a708eb443cbf5a883c2e5fd9f725d607a767186e1a19fda6652b3758a7515
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b05d7e56e2187a7121bb1028d3a96b98ec3f5f20de9d8aa3eaf4d9efe4bdac9
6edde9a4553ca6fcb40d39e3f516eccce24c4aa1213c53a032e432e31d113c19
7b1adc0636586712a85c1e426ec943c01638115eb6bcd58f593fd0984c0c4ac0
7f318fe2bed380515c3409a139d311e4150b52f0fc536cfddcddb733ad3eceaa
8b85ef47ca7ce7621638b031a849064cbe8ed2d373317d1c1373dbb2fc4f2314
91ccc5cf744595f8fa1b0cedf92ccf2c4ffd707ead29adca96b0e78aa2388463
927347a3f7482e39634264833314a535945e1a96256ace6f1ef80ad1a695a7fb
9e692a13239c25f564ca4e0c3f878ae6f3ffe1faa861581a61d1b2e3d2682407
a543212f60528529154e14b5d50ac8944156f4d90d3f4ca36a072266702d4b10
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
aa25b3c149c16936e3a1dba202bfdc013a9376f71532cf5eee2c6f8c1320f98b
adaeb2d791d1e7289c0044d4392e653508e97e1f9ab5d96699ae43e04acea21d
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
bbeee5045a5e289de2ee33ca8c453f85d79ccbb0b951f2ffe5f00da786145468
c0136e24b42fdc9786600c61c7b6ad040dcb077ad5a49576c7a025e76eafaa26
c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd
c7ab89f7934a2ff42f92c3b88afd763e7fefbaae51db7b941eea3a0ec8a3be46
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d854b1691113ada0dbbf80be2a790ec70889236909005a8a02181e3fc43f522e
e1764d00d17731f649015560a7e9a4d1c0bc0014866a4f9c02f48c53b4c89c74
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f20077c2f6bea9c8760e78ecd6547d5d3b0b379e98eb34f2fb2870ce78e54c5d
f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f8cc662191e0110205bbcb47df600abbeb50f3332ddb33739d795f49a7118959
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
faf34e1ed712a796a6c4c31623402245d16c7be043004e68a8e121f9a371f785

berntsen-rhodes.federatedjournals.com Open in urlscan Pro 104.21.54.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

96 %HTTPS

0 %IPv6

11 Domains

16 Subdomains

17 IPs

4 Countries

1947 kBTransfer

5037 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

berntsen-rhodes.federatedjournals.com Open in urlscan Pro
104.21.54.102 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

96 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

17
IPs

4
Countries

1947 kB
Transfer

5037 kB
Size

4
Cookies

47 HTTP transactions
2 data transactions